Research Article
Security Analysis and Bypass User Authentication Bound to Device of Windows Hello in the Wild
Table 2
Storage of authentication data for Windows Hello.
| Data | Path |
| Private keys | %SystemRoot%\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Crypto\Keys | Key metadata | %SystemRoot%\ServiceProfiles\LocalService\AppData\Local\Microsoft\Ngc | EncPwd | \HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\NgcPin\Credentials\EncryptedPassword | CacheData | %SystemRoot%\System32\config\systemprofile\AppData\Local\Microsoft\Windows\CloudAPCache\MicrosoftAccount | Credentials | %LOCALAPPDATA%\Microsoft\Credentials |
|
|