Windows 10 security features include two new major security tools -- Windows Hello and Passport. Windows Hello delivers biometric authentication capabilities. Users can log into their devices with a fingerprint scan or facial or iris recognition. To set up Windows Hello, users must enter a PIN, which also serves as a failsafe if any of the biometric authentication approaches fail. To use facial recognition, the device must have an infrared camera.
Passport combines with Windows Hello to deliver single sign-on (SSO). With SSO, users can log into their devices and access all their apps and services without entering another password. SSO may sound risky -- because it only takes a single form of authentication to access anything on a particular device -- but Passport is an optional feature and includes multifactor authentication to increase the level of protection it provides. Because all the Windows Hello biometric information lives on the device itself and never leaves it, a hacker needs to have the exact physical device to access anything on it. As a result, the actual device is its own form of authentication, and the actual sign on method is the second.