HACKER Q&A
📣 preciousoo

Why doesn't Windows require a password for biometric auth?


Apple (and I believe Samsung) devices require at least one password auth before allowing finger/face auth. In Apple devices, if you fail bio auth a certain number of times, they will strictly require password auth.

On Windows this is not so, in my experience. I can instantly use my face or password on system boot, and failing bio auth multiple times just requires me to click a couple of buttons until I can try again. Do they believe in their auth so far? Or is it just a feature of Fastboot? (As in, the fact that the password was verified once upon a time is flagged in fast boot.)


👤 necovek Accepted Answer ✓
Why does Apple or Samsung require one to enter their password at least once? Do they not trust their biometric auth?

Obviously, one could argue one is safer than the other, and they both have their pros and cons.


👤 Jtsummers
The password/PIN decrypts the data on iOS/macOS needed for touch or face ID to work. Too many failed attempts, a reboot, or too much time between attempts requires the data to be decrypted again, which requires your PIN or password.

Why Windows doesn't require this generally, I don't know. One reason might be that the underlying hardware (equivalent to Apple's Secure Enclave) isn't on every device Windows runs on. Another might be that MS is just that much less concerned with security or the appearance of being secure.