Hello Readers,
Believe it or not, I recently purchased a Windows Hello-compatible fingerprint reader purely to test its capabilities and examine the logs it generates. I’m pleased to report that the investment paid off—there’s now an event log entry in Microsoft-Windows-Biometrics that confirms a successful fingerprint-based authentication.
Here’s the log entry it's event id 1004:
The Windows Biometric Service successfully identified
<hostname>\<username>(S-1-5-21-3400467401-1001) using sensor: VeriMark DT Fingerprint Key (USB\VID_047D&PID_00F2&MI_01\7&163AA6B8&0&0001).
Much like facial recognition, this distinct log entry clearly indicates that a person (or someone who managed to spoof the sensor) was present at the keyboard.
Post a Comment