Home > Products > Windows Passwords > Windows Password Recovery > Screenshots > Forensic tools > Windows Hello > Biometric databases
Biometric databases and digital IDs
11.06.2019
New article
DPAPI security flaw in Windows 10
10.06.2019
Windows Password Recovery 11.7
Support for Windows 10 1903, Trusted Boot Auto-Logon, etc.
24.05.2019
Wireless Password Recovery v6.0.1
New GPU engine and automated multi-mode for recovery
15.05.2019
Internet Explorer Password Recovery v5.1
New algorithm of password extraction for Windows 8/10 OSes

Articles and video

You may find it helpful to read our articles on Windows security and password recovery examples. Video section contains a number of movies about our programs in action

Windows Password Recovery - Windows Hello biometric databases


Biometric databases contain digital identities used to authenticate a certain user in Windows Hello system. Those identities are fingerprints, 3d-faces, voice or iris.
 

Setting Windows directory
Windows Hello biometric databases - setting Windows directory

You should set the Windows directory of the target system first. This could be the Windows directory of your current or of any external operating system.

 

Selecting a biometric database
Windows Hello biometric databases - selecting a database

To decrypt a database, just double-click it in the list.


 

Decrypted biometric database
Windows Hello biometric databases - decrypted digital identities

The decrypted database contains found and decrypted digital identities, like fingerprints, 3d-faces, etc. For example, if a user has set 3 fingerprints previously, the fingerprints should be decrypted and outputted right of the user's name. Just like in the picture above.

You can save the digital IDs for further analysis

Despite the Microsoft assertion of extremely security, the digital IDs are badly protected against substitution (unless a TPM device is used) and can be easily migrated or copied from one PC to another. For example, you can create your own fingerprint, copy it to another PC into another user account. Then you can simply logon into the alien account using your own fingerprint. Because of the serious nature of this vulnerability that compromises the whole system security, the digital IDs migrating function was disabled in the current version of the program.