You only need to visit or watch the live feed of some of the seminars or keynotes at this year's Microsoft Build developers conference to realise that Windows 10 is a massive leap forward for the company.

Not only will it work across and drive multiple devices, including smartphones, tablets, PCs, Xbox One and the HoloLens augmented reality headset, but there are so many new features and changes that it will present a very different experience to Windows operating systems we've seen before.

One of those is Windows Hello, the company's new biometric security system which will ensure that all devices will be individually locked and will protect your files and information from being hacked or stolen.

But how is that any different to the password system we already use? And why is it more secure? We've put together a few key facts about Windows Hello to give you more of an idea.

Windows Hello is the name of Microsoft's biometric security system for Windows 10. It essentially works both on the front end of a Windows 10 device, be that a phone, tablet or laptop, to provide a more secure system to unlock the machine, and can be implemented by app developers to add extra levels of security for their software.

Using a new version of Windows Passport, Windows Hello requests a four digit PIN number rather than a password for login. It can also be associated with fingerprint, face and iris recognition hardware so can unlock your kit by biometric sensors instead.


The cunning part is that thanks to new security software running in the background, your Windows PIN will be directly associated to your device - they are locked together - so if you lose the device, nobody else can unlock it unless they have your PIN. In addition, if they have found out your PIN, it won't work on any other device not associated with your account, so they cannot hack your data from a separate device.

And the PIN code is not stored on your device or separate servers, so it cannot be discovered, even if a site or app locked by your PIN has been compromised.

Your face, fingerprint and iris information can be read by specific sensors to also unlock your device. It's not backwards compatible with current devices, as they require specific equipment - for example, the face recognition requires an IR camera - but we would imagine hardware manufacturers will be adding the technology soon after Windows 10 launch in new devices.


They also have interesting levels of extra security. The face recognition can't be fooled into unlocking through, say, showing the camera a photography (as it uses IR). Also, no related images of you are stored on the device or even on a server, just the information required to recognise your face, digit or eye.

Your Windows Hello PIN or biometric entry system can also be used to make purchases on the Windows Store and potentially any app that requires payments or authentication. You can use your same PIN across everything, for example, negating the need to remember numerous different passwords, yet still remain secure as the online stores do not store that code on their own servers.

For example, if Amazon was to implement the Windows Hello APIs in its store app, you could authenticate payments through the Windows Hello PIN but that PIN would never be stored on Amazon's servers. If its servers are compromised in future, thieves would not be able to find out your authentication PIN that way - unlike current password systems.


And even if they found out your PIN somehow, they would need your actual phone, laptop or tablet to use it.

You will also be able to pay for items using your face, fingerprint or a scan of your iris.

A single PIN, which is associated with your Microsoft account, can be used across all your Windows 10 devices. Each device is therefore associated to your profile. That means you still only need to use the same PIN code (or biometric entry) for your phones, laptop, tablet, etc, yet they all remain equally secure.

If you lose any one device, you need only report it on an online web portal and that device will be disassociated with your account and be permanently locked remotely for you.

You will be able to set up multiple profiles on a device, each with their own PIN or biometric entry system. If you have a child, for example, you can set up their profile so the device opens with their face or PIN and will then directly boot to the appropriate content for them.

Essentially, from the demo of the system we had at Build 2015 in San Francisco it makes things much more simple for the end user, yet with higher levels of security than the current system. And that surely is a good thing.