Face Recognition and Locking Your System: You Say Goodbye and I Say Hello

Privacy concerns aside, logging into personal devices and computers using biometrics is convenient and sufficiently secure for most people. However, if you've configured your system to unlock itself using facial recognition, you should be careful when locking the PC and stepping away from it.

For instance, consider Windows Hello, which is the name bestowed upon the biometric authentication feature of Windows 10. It includes the ability to authenticate the person by using a special camera, such as Intel RealSense or the one built into Microsoft Surface. You can set up Windows Hello to automatically unlock the system if it recognizes your face.

windows-hello-configuration

Unlocking the PC using your face is very convenient... and sometimes maybe too convenient. Allow me to explain:

If you follow recommended practices and lock the computer before stepping away from it, Windows Hello will automatically start looking for your face. And if you've lingered even for a second in front of the PC that you've just locked, Windows Hello will spot you and unlock it. (Imaging Beatles singing in the background ♪ You say goodbye and I say hello. ♪)

My recommendation to Microsoft is to implement a slight delay after the computer was locked before starting to authenticate the user using facial recognition. In the meantime, if you're using this feature, practice stepping away from the system quickly or turn your face to the side when pressing that Windows+L key combination.

Updated

About the Author

I transform ideas into successful outcomes, building on my 25 years of experience in cybersecurity. As the CISO at Axonius, I lead the security program to earn customers' trust. I'm also a Faculty Fellow at SANS Institute, where I author and deliver training for incident responders. The diversity of cybersecurity roles I've held over the years and the accumulated expertise, allow me to create practical solutions that drive business growth.

Learn more