From e2f4801e853925e4a68e7bf6ffe635fff8af932b Mon Sep 17 00:00:00 2001 From: mapalko Date: Wed, 16 Sep 2020 11:29:49 -0700 Subject: [PATCH] Updated Key-Trust RDP in FAQ and TOC --- .../identity-protection/hello-for-business/hello-faq.md | 2 +- windows/security/identity-protection/hello-for-business/toc.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.md b/windows/security/identity-protection/hello-for-business/hello-faq.md index 390355cb33..e6d36e6967 100644 --- a/windows/security/identity-protection/hello-for-business/hello-faq.md +++ b/windows/security/identity-protection/hello-for-business/hello-faq.md @@ -28,7 +28,7 @@ Windows Hello for Business is the modern, two-factor credential for Windows 10. Microsoft is committed to its vision of a world without passwords. We recognize the *convenience* provided by convenience PIN, but it stills uses a password for authentication. Microsoft recommends customers using Windows 10 and convenience PINs should move to Windows Hello for Business. New Windows 10 deployments should deploy Windows Hello for Business and not convenience PINs. Microsoft will be deprecating convenience PINs in the future and will publish the date early to ensure customers have adequate lead time to deploy Windows Hello for Business. ## Can I use Windows Hello for Business key trust and RDP? -RDP currently does not support key based authentication and does not support self signed certificates. RDP with Windows Hello for Business is currently only supported with certificate based deployments. +RDP currently does not support using key based authentication and self signed certificates as supplied credentials. RDP with supplied credentials Windows Hello for Business is currently only supported with certificate based deployments. Windows Hello for Business key trust can be used with [Windows Defender Remote Credential Guard](https://docs.microsoft.com/windows/security/identity-protection/remote-credential-guard). ## Can I deploy Windows Hello for Business using Microsoft Endpoint Configuration Manager? Windows Hello for Business deployments using Configuration Manager should use the hybrid deployment model that uses Active Directory Federation Services. Starting in Configuration Manager version 1910, certificate-based authentication with Windows Hello for Business settings isn't supported. Key-based authentication is still valid with Configuration Manager. For more information, see [Windows Hello for Business settings in Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/windows-hello-for-business-settings). diff --git a/windows/security/identity-protection/hello-for-business/toc.md b/windows/security/identity-protection/hello-for-business/toc.md index 3fe33458fc..8ec19c126f 100644 --- a/windows/security/identity-protection/hello-for-business/toc.md +++ b/windows/security/identity-protection/hello-for-business/toc.md @@ -16,10 +16,10 @@ ## [How Windows Hello for Business works](hello-how-it-works.md) ### [Technical Deep Dive](hello-how-it-works.md#technical-deep-dive) -#### [Technology and Terminology](hello-how-it-works-technology.md) #### [Device Registration](hello-how-it-works-device-registration.md) #### [Provisioning](hello-how-it-works-provisioning.md) #### [Authentication](hello-how-it-works-authentication.md) +#### [Technology and Terminology](hello-how-it-works-technology.md) ## [Planning a Windows Hello for Business Deployment](hello-planning-guide.md)