Are you looking for a way to disable Windows Hello in Microsoft Intune? If so, you’ve come to the right place. This blog post will show you how to do just that. Windows Hello is a great feature, but it is not for everyone.
About Windows Hello
Windows Hello is a biometric authentication feature that uses facial recognition or fingerprints to unlock devices. It is available on Windows 10, and Microsoft Intune can be used to manage it. Windows Hello provides a more secure way to sign in to devices, but if you don’t need it, you can disable it in Intune.
Disable Windows Hello Using Intune
The screenshot below shows a login screen on a new Windows 11 machine when Windows Hello is enabled (default). By default, this configuration is not suitable for everyone.
To disable Windows Hello, we will use a configuration profile policy that disables Hello.
To create a Configuration profile, Login to EndPoint Manager
- Click on Devices
- Click on Configuration profiles
- Click on New
In the create a profile page, select the following.
- Platform – Windows 10 and later
- Profile – Templates
- Template, name search for Identity and click on Identity protection
Name the policy and click Next.
In the Configuration settings next to Configure Windows Hello for Business, select Disable and leave the second option as Not configured.
In the Assignments section, select the users or groups the policy will apply to. To apply it to everyone, select All users. Review and create the policy.
About Microsoft EndPoint Manager
Microsoft EndPoint Manager is a comprehensive security solution that helps protect devices and data from malicious attacks. It can help you secure your organization’s endpoints, including laptops, desktops, servers, and mobile devices. Microsoft EndPoint Manager can help you protect your organization’s data by providing comprehensive security features, including:
- Antivirus protection
- Firewall protection
- Patch management
- Device access control