You can use your Ledger Nano S and your Ledger Bue with Windows Hello. It works on Windows 10 (minimum version 14393, last version 15063 is recommended). It requires one USB port to plug your Ledger Nano S or your Blue. it doesn't work on Android and iOS.
The Nano and the HW.1 don't support Ledger Hello.
If you have a Nano S, first make sure you run 1.3.1 firmware. To know if you need to update, open the Settings on the Nano S itself, and go to Settings > Device > Firmware. Follow these steps if you need to upgrade. The Blue doesn’t require any specific firmware.
WHAT IS LEDGER HELLO FOR ?
With Ledger Hello you can configure your Ledger device to sign in on Windows through the "Windows Hello" system, and unlock your Windows device each time it is required.
HOW TO INSTALL LEDGER HELLO
Now your are ready to use Ledger Hello
HOW TO USE LEDGER HELLO
You can register other devices by clicking the blue “+ REGISTER” button (you can register up to 5 devices).
You can delete your registered devices by clicking the trash icon (icon is visible when hovering the device line).
WHEN TO USE LEDGER HELLO
If your Ledger device is not plugged in, plug it, open the Ledger Hello app on your device, authentication will start automatically.
By default, unplugging your Ledger Device or closing the Ledger Hello app on your device will lock your workstation. You can deactivate that option in “Settings”, then “Unplug to lock”.
HOW DOES IT WORK
This application helps you secure your workstation access, by using the Windows Hello service (available from Windows 10 14393 build). With Windows Hello, you can unlock your workstation with alternative ways : biometrics (fingerprints, face recognition), or, what interests us, with companion devices. With Ledger Hello you can use your Ledger Device as a Windows Hello companion device, allowing strong authentication procedures to log on your workstation, instead of using a simple password or PIN (which are sensitive to keyloggers).
Ledger Hello uses HMAC SHA-256 challenge-response algorithm, involving random nonces generation, thus protecting against replay attacks. Private keys are stored in the chip’s Secure Element, preventing their leakage.
Due to a Framework limitation Windows Hello cannot be used for cold login (log-in after reboot, log-in on a signed out session), it can only be used on a locked session. We will update Ledger Hello application when the framework will allow cold login.
When an update is available your desktop application will display a message to download and install the last release.