As the reserve-your-copy of Windows 10 notifications start to emerge, I was hoping to get more information about the Windows Hello Passport biometric authentication. The information I have is that Hello allows you to (optionally) log in to Windows 10 and also participating websites based on (existing) fingerprint scanners, iris or (new) 3d face biometrics. The facial recognition appears to be based on 3d IR cameras. The backend seems to be based on Fido consortium U2F (universal two factor) biometric standards (which is potentially good for privacy to the extent that the certificates for the U2F are locally generated and unique per site). Aside from my normal antipathy to biometrics, I wondered if anyone had seen more analysis of the privacy implications of this authentication, and whether the authentication could be backed by a PIN. Can it be repudiated, and how? Is it local to the machine, or can it be put on a dongle? Are there ways to remotely determine those biometrics, and can you tell that the same person is accessing a site from different devices? Does the website access need the pin as well, or what? Any information gratefully received.