Biometrics Configuration Settings Biometrics Configuration Settings Biometrics Allow the use of biometrics This policy setting allows or prevents the Windows Biometric Service to run on this computer. If you enable or do not configure this policy setting, the Windows Biometric Service is available, and users can run applications that use biometrics on Windows. If you want to enable the ability to log on with biometrics, you must also configure the "Allow users to log on using biometrics" policy setting. If you disable this policy setting, the Windows Biometric Service is unavailable, and users cannot use any biometric feature in Windows. Note: Users who log on using biometrics should create a password recovery disk; this will prevent data loss in the event that someone forgets their logon credentials. Allow users to log on using biometrics This policy setting determines whether users can log on or elevate User Account Control (UAC) permissions using biometrics. By default, local users will be able to log on to the local computer, but the "Allow domain users to log on using biometrics" policy setting will need to be enabled for domain users to log on to the domain. If you enable or do not configure this policy setting, all users can log on to a local Windows-based computer and can elevate permissions with UAC using biometrics. If you disable this policy setting, biometrics cannot be used by any users to log on to a local Windows-based computer. Note: Users who log on using biometrics should create a password recovery disk; this will prevent data loss in the event that someone forgets their logon credentials. Allow domain users to log on using biometrics This policy setting determines whether users with a domain account can log on or elevate User Account Control (UAC) permissions using biometrics. By default, domain users cannot use biometrics to log on. If you enable this policy setting, domain users can log on to a Windows-based domain-joined computer using biometrics. Depending on the biometrics you use, enabling this policy setting can reduce the security of users who use biometrics to log on. If you disable or do not configure this policy setting, domain users are not able to log on to a Windows-based computer using biometrics. Note: Users who log on using biometrics should create a password recovery disk; this will prevent data loss in the event that someone forgets their logon credentials. Specify timeout for fast user switching events This policy setting specifies the number of seconds a pending fast user switch event will remain active before the switch is initiated. By default, a fast user switch event is active for 10 seconds before becoming inactive. If you enable this policy setting, you can configure the fast user switch event timeout to specify the number of seconds the event remains active. This value cannot exceed 60 seconds. If you disable or do not configure this policy setting, a default value of 10 seconds is used for fast-user switch event timeouts. Timeout in seconds: