Face Recognition and Locking Your System: You Say Goodbye and I Say Hello

Privacy concerns aside, logging into personal devices and computers using biometrics is convenient and sufficiently secure for most people. However, if you've configured your system to unlock itself using facial recognition, you should be careful when locking the PC and stepping away from it.

For instance, consider Windows Hello, which is the name bestowed upon the biometric authentication feature of Windows 10. It includes the ability to authenticate the person by using a special camera, such as Intel RealSense or the one built into Microsoft Surface. You can set up Windows Hello to automatically unlock the system if it recognizes your face.


Unlocking the PC using your face is very convenient... and sometimes maybe too convenient. Allow me to explain:

If you follow recommended practices and lock the computer before stepping away from it, Windows Hello will automatically start looking for your face. And if you've lingered even for a second in front of the PC that you've just locked, Windows Hello will spot you and unlock it. (Imaging Beatles singing in the background ♪ You say goodbye and I say hello. ♪)

My recommendation to Microsoft is to implement a slight delay after the computer was locked before starting to authenticate the user using facial recognition. In the meantime, if you're using this feature, practice stepping away from the system quickly or turn your face to the side when pressing that Windows+L key combination.


About the Author

Lenny Zeltser develops products and programs that use security to achieve business results. He is the CISO at Axonius and Faculty Fellow at SANS Institute. Lenny has been leading efforts to establish resilient security practices and solve hard security problems for over two decades. A respected author and practitioner, he has been advancing tradecraft and contributing to the community. His insights build upon real-world experience, a Computer Science degree from the University of Pennsylvania, and an MBA degree from MIT Sloan.

Learn more