If your Windows Hello device supports FIDO2 biometrics, you can use it to authenticate with PingID for a secure sign-on experience. To set up your Windows Hello device for secure authentication with PingID, you need to register or 'pair' it with your account.
Pairing creates a trust between your Windows Hello device and your account so that you can use it to authenticate during the sign-on process. You can use Windows Hello biometrics to access your account and apps using a web browser.
PingID Mobile app using biometrics (fingerprint, face or, iris authentication) and Biometric web authentication with Windows Hello are different methods of authentication:
- PingID mobile app: Allows you to authenticate when accessing your account from various different devices. Requires you to install PingID mobile app on your mobile device, and to pair it with your account.
- Biometrics authentication: Allows you to authenticate using your Windows Hello device's built-in biometrics, when signing on to your account, without downloading an app. You can only sign on to your account from the same device with which you want to authenticate.
Pairing your Windows Hello device
To set up Windows Hello authentication on your Windows machine for secure authentication with PingID, you need to register or 'pair' your Windows Hello device with your account.
Ensure your Windows Hello device supports FIDO2 biometrics and that you are using:
- Windows 10, OS Build 1809 or later.
- A browser that supports the use of FIDO2 biometrics, such as Windows Edge v44.17763 or later.
- Set up Windows Hello biometrics sign in on your machine, such as registering your fingerprints or face. Follow the manufacturer's guidelines to do so.
After registering, use your Windows Hello device to authenticate with PingID for both second factor or passwordless authentication flows depending on your organization's configuration. For more information, see Authenticating with PingID using Windows Hello.