Add key registration and certificate enrollment phases to how-it-works.md

2025-06-20 12:53:38 +00:00 · 2024-01-08 12:09:00 -05:00
parent e274bb1da8
commit 92730fcb63
1 changed files with 12 additions and 2 deletions
--- a/windows/security/identity-protection/hello-for-business/how-it-works.md
+++ b/windows/security/identity-protection/hello-for-business/how-it-works.md
@ -46,17 +46,27 @@ Windows Hello for Business is a distributed system that requires multiple techno
    
    :::column-end:::
 :::row-end:::
+:::row:::
+    :::column span="":::
+    **Key Registration**
+    :::column-end:::
+:::row-end:::
 :::row:::
    :::column span="1":::
-    **Key synchronization**
+    :::image type="content" source="images/howitworks/key-synchronization.png" alt-text="Icon representing the synchronization phase.":::
    :::column-end:::
    :::column span="3":::
        In this phase, applicable only to hybrid deploments, the user's public key is synchronized from Microsoft Entra ID to Active Directory.
    :::column-end:::
 :::row-end:::
+:::row:::
+    :::column span="":::
+    #### Certificate enrollment phase
+    :::column-end:::
+:::row-end:::
 :::row:::
    :::column span="1":::
-    **Certificate enrollment**
+    :::image type="content" source="images/howitworks/certificate-enrollment.png" alt-text="Icon representing the certificate enrollment phase.":::
    :::column-end:::
    :::column span="3":::
    This phase occurs only in certificate trust deployments. A user certificate is issued by an internal PKI and the public key stored in the Windows Hello container