diff --git a/windows/security/identity-protection/hello-for-business/retired/hello-how-it-works.md b/windows/security/identity-protection/hello-for-business/retired/hello-how-it-works.md
index 5aa1fcad6a..1987c05d33 100644
--- a/windows/security/identity-protection/hello-for-business/retired/hello-how-it-works.md
+++ b/windows/security/identity-protection/hello-for-business/retired/hello-how-it-works.md
@@ -3,8 +3,7 @@ title: How Windows Hello for Business works (Windows)
description: Learn about registration, authentication, key material, and infrastructure for Windows Hello for Business.
ms.date: 10/16/2017
appliesto:
- - ✅ Windows 10
- - ✅ Windows 11
+- ✅ Windows 10 and later
ms.topic: article
---
# How Windows Hello for Business works in Windows devices
diff --git a/windows/security/includes/hello-cloud.md b/windows/security/includes/hello-cloud.md
index a0dfb0fb3e..e1f813e099 100644
--- a/windows/security/includes/hello-cloud.md
+++ b/windows/security/includes/hello-cloud.md
@@ -7,5 +7,5 @@ ms.topic: include
[!INCLUDE [hello-intro](hello-intro.md)]
- **Deployment type:** [!INCLUDE [hello-deployment-cloud](hello-deployment-cloud.md)]
-- **Device registration type:** [!INCLUDE [hello-registration-aadj](hello-registration-aadj.md)]
+- **Join type:** [!INCLUDE [hello-registration-aadj](hello-registration-aadj.md)]
---
\ No newline at end of file
diff --git a/windows/security/includes/hello-deployment-cloud.md b/windows/security/includes/hello-deployment-cloud.md
index 352adf1b84..8152da9722 100644
--- a/windows/security/includes/hello-deployment-cloud.md
+++ b/windows/security/includes/hello-deployment-cloud.md
@@ -5,4 +5,4 @@ ms.date: 12/08/2022
ms.topic: include
---
-[cloud :::image type="icon" source="../images/icons/information.svg" border="false":::](../identity-protection/hello-for-business/hello-how-it-works-technology.md#cloud-deployment "For organizations using cloud-only identities. Device management is usually done via Intune/MDM")
\ No newline at end of file
+[cloud :::image type="icon" source="../images/icons/information.svg" border="false":::](../identity-protection/hello-for-business/hello-how-it-works-technology.md#cloud-deployment "For organizations using Azure AD-only identities. Device management is usually done via Intune/MDM")
\ No newline at end of file
diff --git a/windows/security/includes/hello-hybrid-cert-trust-aad.md b/windows/security/includes/hello-hybrid-cert-trust-aad.md
index e1ecb19dc4..475eef648c 100644
--- a/windows/security/includes/hello-hybrid-cert-trust-aad.md
+++ b/windows/security/includes/hello-hybrid-cert-trust-aad.md
@@ -8,5 +8,5 @@ ms.topic: include
[!INCLUDE [hello-intro](hello-intro.md)]
- **Deployment type:** [!INCLUDE [hello-deployment-hybrid](hello-deployment-hybrid.md)]
- **Trust type:** [!INCLUDE [hello-trust-certificate](hello-trust-certificate.md)]
-- **Device registration type:** [Azure AD join](../identity-protection/hello-for-business/hello-how-it-works-technology.md#azure-active-directory-join)
+- **Join type:** [!INCLUDE [hello-join-aadj](hello-join-aadj.md)]
---
\ No newline at end of file
diff --git a/windows/security/includes/hello-hybrid-cert-trust-ad.md b/windows/security/includes/hello-hybrid-cert-trust-ad.md
index 6a207c6874..4691d86bc0 100644
--- a/windows/security/includes/hello-hybrid-cert-trust-ad.md
+++ b/windows/security/includes/hello-hybrid-cert-trust-ad.md
@@ -7,6 +7,6 @@ ms.topic: include
[!INCLUDE [hello-intro](hello-intro.md)]
- **Deployment type:** [!INCLUDE [hello-deployment-hybrid](hello-deployment-hybrid.md)]
-- **Trust type:** [!INCLUDE [hello-trust-certificate](hello-trust-certificate.md)]
-- **Device registration type:** [Hybrid Azure AD join](../identity-protection/hello-for-business/hello-how-it-works-technology.md#hybrid-azure-ad-join)
+- **Trust type:** [!INCLUDE [hello-trust-cloud-kerberos](hello-trust-cloud-kerberos.md)]
+- **Join type:** [!INCLUDE [hello-join-hybrid](hello-join-hybrid.md)]
---
\ No newline at end of file
diff --git a/windows/security/includes/hello-hybrid-cert-trust.md b/windows/security/includes/hello-hybrid-cert-trust.md
index 2fdd3bda52..8257bb90b0 100644
--- a/windows/security/includes/hello-hybrid-cert-trust.md
+++ b/windows/security/includes/hello-hybrid-cert-trust.md
@@ -8,5 +8,5 @@ ms.topic: include
[!INCLUDE [hello-intro](hello-intro.md)]
- **Deployment type:** [!INCLUDE [hello-deployment-hybrid](hello-deployment-hybrid.md)]
- **Trust type:** [!INCLUDE [hello-trust-certificate](hello-trust-certificate.md)]
-- **Device registration type:** [Azure AD join](../identity-protection/hello-for-business/hello-how-it-works-technology.md#azure-active-directory-join), [Hybrid Azure AD join](../identity-protection/hello-for-business/hello-how-it-works-technology.md#hybrid-azure-ad-join)
+- **Join type:** [!INCLUDE [hello-join-aadj](hello-join-aadj.md)], [!INCLUDE [hello-join-hybrid](hello-join-hybrid.md)]
---
\ No newline at end of file
diff --git a/windows/security/includes/hello-hybrid-cloudkerb-trust.md b/windows/security/includes/hello-hybrid-cloudkerb-trust.md
index dc67aa794f..c18d03021c 100644
--- a/windows/security/includes/hello-hybrid-cloudkerb-trust.md
+++ b/windows/security/includes/hello-hybrid-cloudkerb-trust.md
@@ -7,6 +7,6 @@ ms.topic: include
[!INCLUDE [hello-intro](hello-intro.md)]
- **Deployment type:** [!INCLUDE [hello-deployment-hybrid](hello-deployment-hybrid.md)]
-- **Trust type:** [cloud Kerberos trust](../identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md)
-- **Device registration type:** [Azure AD join](../identity-protection/hello-for-business/hello-how-it-works-technology.md#azure-active-directory-join), [Hybrid Azure AD join](../identity-protection/hello-for-business/hello-how-it-works-technology.md#hybrid-azure-ad-join)
+- **Trust type:** [!INCLUDE [hello-trust-cloud-kerberos](hello-trust-cloud-kerberos.md)]
+- **Join type:** [!INCLUDE [hello-join-aadj](hello-join-aadj.md)], [!INCLUDE [hello-join-hybrid](hello-join-hybrid.md)]
---
\ No newline at end of file
diff --git a/windows/security/includes/hello-hybrid-key-trust-ad.md b/windows/security/includes/hello-hybrid-key-trust-ad.md
index 4f84a118dc..a5074f5bd4 100644
--- a/windows/security/includes/hello-hybrid-key-trust-ad.md
+++ b/windows/security/includes/hello-hybrid-key-trust-ad.md
@@ -7,6 +7,6 @@ ms.topic: include
[!INCLUDE [hello-intro](hello-intro.md)]
- **Deployment type:** [!INCLUDE [hello-deployment-hybrid](hello-deployment-hybrid.md)]
-- **Trust type:** [key trust](../identity-protection/hello-for-business/hello-how-it-works-technology.md#key-trust)
-- **Device registration type:** [Hybrid Azure AD join](../identity-protection/hello-for-business/hello-how-it-works-technology.md#hybrid-azure-ad-join)
+- **Trust type:** [!INCLUDE [hello-trust-key](hello-trust-key.md)]
+- **Join type:** [!INCLUDE [hello-join-hybrid](hello-join-hybrid.md)]
---
\ No newline at end of file
diff --git a/windows/security/includes/hello-hybrid-key-trust.md b/windows/security/includes/hello-hybrid-key-trust.md
index 5319cbb313..6f655a6c2b 100644
--- a/windows/security/includes/hello-hybrid-key-trust.md
+++ b/windows/security/includes/hello-hybrid-key-trust.md
@@ -7,6 +7,6 @@ ms.topic: include
[!INCLUDE [hello-intro](hello-intro.md)]
- **Deployment type:** [!INCLUDE [hello-deployment-hybrid](hello-deployment-hybrid.md)]
-- **Trust type:** [key trust](../identity-protection/hello-for-business/hello-how-it-works-technology.md#key-trust)
-- **Device registration type:** [Azure AD join](../identity-protection/hello-for-business/hello-how-it-works-technology.md#azure-active-directory-join), [Hybrid Azure AD join](../identity-protection/hello-for-business/hello-how-it-works-technology.md#hybrid-azure-ad-join)
+- **Trust type:** [!INCLUDE [hello-trust-key](hello-trust-key.md)]
+- **Join type:** [!INCLUDE [hello-join-aadj](hello-join-aadj.md)], [!INCLUDE [hello-join-hybrid](hello-join-hybrid.md)]
---
\ No newline at end of file
diff --git a/windows/security/includes/hello-hybrid-keycert-trust-aad.md b/windows/security/includes/hello-hybrid-keycert-trust-aad.md
index dfc0d12624..664db48668 100644
--- a/windows/security/includes/hello-hybrid-keycert-trust-aad.md
+++ b/windows/security/includes/hello-hybrid-keycert-trust-aad.md
@@ -7,6 +7,6 @@ ms.topic: include
[!INCLUDE [hello-intro](hello-intro.md)]
- **Deployment type:** [!INCLUDE [hello-deployment-hybrid](hello-deployment-hybrid.md)]
-- **Trust type:** [key trust](../identity-protection/hello-for-business/hello-how-it-works-technology.md#key-trust), [!INCLUDE [hello-trust-certificate](hello-trust-certificate.md)]
-- **Device registration type:** [Azure AD join](../identity-protection/hello-for-business/hello-how-it-works-technology.md#azure-active-directory-join)
+- **Trust type:** - **Trust type:** [!INCLUDE [hello-trust-key](hello-trust-key.md)], [!INCLUDE [hello-trust-certificate](hello-trust-certificate.md)]
+- **Join type:** [!INCLUDE [hello-join-aadj](hello-join-aadj.md)]
---
\ No newline at end of file
diff --git a/windows/security/includes/hello-join-hybrid.md b/windows/security/includes/hello-join-hybrid.md
new file mode 100644
index 0000000000..550c6ee26d
--- /dev/null
+++ b/windows/security/includes/hello-join-hybrid.md
@@ -0,0 +1,8 @@
+---
+author: paolomatarazzo
+ms.author: paoloma
+ms.date: 12/08/2022
+ms.topic: include
+---
+
+[Hybrid Azure AD join :::image type="icon" source="../images/icons/information.svg" border="false":::](../identity-protection/hello-for-business/hello-how-it-works-technology.md#hybrid-azure-ad-join "Devices that are hybrid Azure AD joined do not have any dependencies on Azure AD. Only local users accounts and Active Directory users can sign in to these devices. If an Active Directory user is synchronized to Azure AD, she can can have single-sign on to both Active Directory and Azure AD-protected resources")
\ No newline at end of file
diff --git a/windows/security/includes/hello-on-premises-cert-trust.md b/windows/security/includes/hello-on-premises-cert-trust.md
index ab18370114..b106b5b8c8 100644
--- a/windows/security/includes/hello-on-premises-cert-trust.md
+++ b/windows/security/includes/hello-on-premises-cert-trust.md
@@ -8,5 +8,5 @@ ms.topic: include
[!INCLUDE [hello-intro](hello-intro.md)]
- **Deployment type:** [!INCLUDE [hello-deployment-onpremises](hello-deployment-onpremises.md)]
- **Trust type:** [!INCLUDE [hello-trust-certificate](hello-trust-certificate.md)]
-- **Device registration type:** Active Directory domain join
+- **Join type:** [!INCLUDE [hello-join-domain](hello-join-domain.md)]
---
\ No newline at end of file
diff --git a/windows/security/includes/hello-on-premises-key-trust.md b/windows/security/includes/hello-on-premises-key-trust.md
index 9990eed8b9..2a31c533c2 100644
--- a/windows/security/includes/hello-on-premises-key-trust.md
+++ b/windows/security/includes/hello-on-premises-key-trust.md
@@ -8,5 +8,5 @@ ms.topic: include
[!INCLUDE [hello-intro](hello-intro.md)]
- **Deployment type:** [!INCLUDE [hello-deployment-onpremises](hello-deployment-onpremises.md)]
- **Trust type:** [key trust](../identity-protection/hello-for-business/hello-how-it-works-technology.md#key-trust)
-- **Device registration type:** Active Directory domain join
+- **Join type:** [!INCLUDE [hello-join-domain](hello-join-domain.md)]
---
\ No newline at end of file
diff --git a/windows/security/includes/hello-registration-aadj.md b/windows/security/includes/hello-registration-aadj.md
deleted file mode 100644
index a05d0d55a4..0000000000
--- a/windows/security/includes/hello-registration-aadj.md
+++ /dev/null
@@ -1,8 +0,0 @@
----
-author: paolomatarazzo
-ms.author: paoloma
-ms.date: 12/08/2022
-ms.topic: include
----
-
-[Azure AD join :::image type="icon" source="../images/icons/information.svg" border="false":::](../identity-protection/hello-for-business/hello-how-it-works-technology.md#azure-active-directory-join "Learn more here")
\ No newline at end of file
diff --git a/windows/security/includes/hello-trust-certificate.md b/windows/security/includes/hello-trust-certificate.md
index 82dfd5e203..ffc705fde0 100644
--- a/windows/security/includes/hello-trust-certificate.md
+++ b/windows/security/includes/hello-trust-certificate.md
@@ -5,4 +5,4 @@ ms.date: 12/08/2022
ms.topic: include
---
-[certificate trust :::image type="icon" source="../images/icons/information.svg" border="false":::](../identity-protection/hello-for-business/hello-how-it-works-technology.md#certificate-trust "This trust type uses a certificate to authenticate the user to Active Directory")
\ No newline at end of file
+[certificate trust :::image type="icon" source="../images/icons/information.svg" border="false":::](../identity-protection/hello-for-business/hello-how-it-works-technology.md#certificate-trust "This trust type uses a certificate to authenticate the users to Active Directory. It's required to issue certificates to the users and to the domain controllers")
\ No newline at end of file
diff --git a/windows/security/includes/hello-trust-cloud-kerberos.md b/windows/security/includes/hello-trust-cloud-kerberos.md
new file mode 100644
index 0000000000..76dfb6c4a1
--- /dev/null
+++ b/windows/security/includes/hello-trust-cloud-kerberos.md
@@ -0,0 +1,8 @@
+---
+author: paolomatarazzo
+ms.author: paoloma
+ms.date: 12/08/2022
+ms.topic: include
+---
+
+[cloud Kerberos trust :::image type="icon" source="../images/icons/information.svg" border="false":::](../identity-protection/hello-for-business/hello-how-it-works-technology.md#cloud-kerberos-trust "This trust type uses security keys to authenticate the users to Active Directory. It's not required to issue any certificates, making it the recommended choice for environments that do not need certificate authentication.")
\ No newline at end of file
diff --git a/windows/security/includes/hello-trust-key.md b/windows/security/includes/hello-trust-key.md
new file mode 100644
index 0000000000..133f7f5204
--- /dev/null
+++ b/windows/security/includes/hello-trust-key.md
@@ -0,0 +1,8 @@
+---
+author: paolomatarazzo
+ms.author: paoloma
+ms.date: 12/08/2022
+ms.topic: include
+---
+
+[key trust :::image type="icon" source="../images/icons/information.svg" border="false":::](../identity-protection/hello-for-business/hello-how-it-works-technology.md#key-trust "This trust type uses a raw key to authenticate the users to Active Directory. It's not required to issue certificates to users, but it's required to deploy certificates to domain controllers")
\ No newline at end of file