If your Windows 10-based computer supports Windows Hello and you have configured facial recognition, you can enable enhanced anti-spoofing. Windows Hello is a technology based on biometrics that allows users to authenticate their identity in order to access their devices, applications, networks, and so on. with the help of fingerprints, facial recognition or iris scan. Now, face detection in Windows 10 works well, but it can not differentiate a photo from your face in your mobile or the face of the user.
The potential threat because of this problem is that someone with your photo may unlock your device using their mobile phone. To overcome this difficulty, anti-spoofing technology comes into action and once you have activated the anti-spoof feature for Windows Hello Face authentication, you can no longer use an authentic user photo for connect to the PC.
Enable enhanced anti-spoofing for Hello Face authentication
Improved anti-spoofing for Windows Hello Face authentication is not required on unmanaged devices and you must be logged in as an administrator to enable or disable enhanced anti-spoofing. To do this:
Open the local Group Policy Editor and, in the left pane of the Local Group Policy Editor, navigate to the following location:
Computer Configuration> Administrative Templates> Windows Components> Biometry> Facial Features.
In the right pane of Facial Features in the Local Group Policy Editor, double-click Configure enhanced anti-spoofing policy to change it.
This policy setting determines whether enhanced anti-spoofing is required for Windows Hello Face authentication.
If you enable this setting, Windows requires that all users of managed devices use the anti-spoofing feature for Windows Hello Face authentication. This disables Windows Hello face authentication on devices that do not support enhanced anti-spoofing.
If you disable this setting or do not configure it, Windows does not require enhanced anti-spoofing for Windows Hello Face authentication.
Note that enhanced anti-spoof authentication for Windows Hello face authentication is not required on unmanaged devices.
As shown in the screenshot above, follow these steps:
To disable enhanced anti-spoofing for Windows Hello Face authentication
- Click the radio button for Not configured or disabled, Click on D & #39; AGREEMENT.
To enable enhanced anti-spoofing for Windows Hello Face authentication
- Click on the radio button enabled, Click on D & #39; agreement.
You can now exit the Group Policy Editor and restart your system.
The procedure described above will not work on Windows 10 Home Edition because the Group Policy Editor is not integrated with the Home Edition. However, to apply the same procedure in Home Edition, install PolicyPlus.. Once you have added the utility, you can now follow the same steps as described above to enable enhanced anti-spoofing for Windows 10 Home.