Security and privacy

About Windows Hello security in 1Password for Windows

Learn how to protect your data when you use Windows Hello on your PC.

When you use Windows Hello on your PC, you can unlock 1Password with your face, fingerprint, or companion device. Because you can unlock 1Password so easily, you can use a longer and more secure Master Password than you might otherwise have chosen.

Your biometrics are not stored in 1Password

1Password never scans or stores your fingerprint or face. Windows Hello only tells 1Password if your biometrics or companion device were recognized or not.

Learn more about Windows Hello security and privacy.  

Your Master Password still protects your data

Using Windows Hello in 1Password doesn’t replace your Master Password or undermine the security of 1Password. Your data is encrypted with your Master Password and Secret Key, and that remains true even with Windows Hello turned on.

Your Master Password is not stored on your PC

When you use Windows Hello, your Master Password is never stored on disk. Instead, 1Password generates a unique, encrypted secret for Windows Hello to access in your computer’s memory only. If authentication fails, that secret is reset, and your Master Password must be used to unlock 1Password. Your Master Password is also required after you exit 1Password or restart your PC.

Protect yourself when using Windows Hello

Follow these tips to stay safe with Windows Hello:

  • Use a strong, alphanumeric PIN when you set up Windows Hello. It’s always possible to use your Windows Hello PIN to unlock 1Password, so make sure your PIN is strong and memorable. Consider using the 1Password password generator to generate it.

  • If you’re concerned someone may attempt to use your face or fingerprint without your consent, turn off Windows Hello. Retrieving your Master Password from your mind while you sleep is still in the realm of science fiction. However, your face and fingerprint can be used without your consent whether you’re sleeping, unconscious, or otherwise. If you anticipate such a situation, turn off Windows Hello.

Learn more

Published: