Windows Hello Abuse: Exploiting Authentication and Security Features
Ekoparty Security Conference via YouTube
Overview
Explore a comprehensive security conference talk that delves into vulnerabilities and potential exploits within Windows Hello and Windows Hello for Business (WHFB) authentication systems. Learn about advanced attack vectors including WHFB key provisioning during phishing scenarios, device code phishing, and credential phishing techniques. Discover how Windows Hello keys are protected and utilized on Windows devices, with detailed insights into leveraging these keys for lateral movement and maintaining persistence after gaining access to user sessions. Building upon previous findings that revealed gaps in Microsoft's promoted security features, examine how these passwordless authentication methods can be compromised without MFA and exploited for movement between Entra ID and on-premises Active Directory through cloud Kerberos trust.
Syllabus
Windows Hello abuse, the sequel - Dirk-jan Mollema - Ekoparty 2024
Taught by
Ekoparty Security Conference