Quick Links
- How Remote Fingerprint Unlock works
- Remote Fingerprint Unlock system requirements
- Remote Fingerprint Unlock features
- How to set up Remote Fingerprint Unlock
- Is it safe to use?
- Alternative option: PC Bio Unlock
Microsoft offers plenty of sign-in options and account protection mechanisms to protect your Windows PC, and you don’t necessarily have to rely on plain old passwords to secure them. Windows Hello, for instance, allows you to sign in with your face or fingerprint if your device has Windows Hello hardware. But what if your Windows PC doesn’t meet the necessary hardware requirements, and you still want to unlock your PC remotely? Well, you’re not entirely out of luck, at least not until you have an Android phone with a fingerprint scanner.
That’s right, there’s an Android app called ‘Remote Fingerprint Unlock’ which you can install on pretty much any Android phone with a fingerprint scanner, and use it to unlock your Windows PC remotely without any issues. This particular application was created by XDA Member Andrew-X, and it works very well.
Related
How to unlock a computer without the password
Did you forget your password? There’s still a way to get into your PC
How Remote Fingerprint Unlock works
Secure and seamless authentication
Remote Fingerprint Unlock requires two modules: a library for Windows and an Android app, which securely communicate between themselves over the local network. This means you can use the fingerprint sensor on your Android device to authenticate on the app and the Windows module, upon validating, seamlessly unlocks your Windows user account.
Under the hood, the credentials are encrypted using a key that is generated based on your fingerprint. Thanks to Android’s security mechanism, the key is safeguarded by the Trusted Execution Environment (TEE) of the SoC that powers the phone. The app itself doesn’t store any passwords, and it doesn’t even require internet permission to function.
The fingerprint authentication may fail to work on some devices, forcing you to troubleshoot by uninstalling the app and removing the stored fingerprints on your phone via the settings before trying again. It may or may not work even after troubleshooting, so keep that in mind. We were unable to get this app working on a OnePlus 12, but your mileage may vary.
Remote Fingerprint Unlock system requirements
Things you need to get this app working
Remote Fingerprint Unlock supports the following device configurations:
- Windows module:
- x86 or x64 architectures
- Note that Arm64 AKA Windows on Arm devices aren’t supported yet. We’ve reached to the developer about this incompatibility, and we’ll keep you updated with any info provided.
- Windows Vista, Windows 7, Windows 8/8.1, Windows 10, or Windows 11 PCs
- x86 or x64 architectures
- Android module:
- Android 6.0+
Remote Fingerprint Unlock features
Both free and Pro versions are available
The free version of Remote Fingerprint Unlock supports the following features:
- Support for remotely unlocking both local and online Microsoft accounts via fingerprint scanner
- Set up 1 PC with 1 account for remote unlocking
- Wi-Fi Tethering support
The pro features ($1.99 in-app purchase) include:
- No advertisements
- Adding multiple Windows PCs
- Adding multiple accounts per Windows PC
- Support Wake-on-LAN
How to set up Remote Fingerprint Unlock
Setting up Remote Fingerprint Unlock is fairly simple. All you need to do is download the Android app, install the Windows Fingerprint Credential Module, and go through the setup process in the app. As mentioned earlier, the utility doesn’t require an Internet connection, but a local network is still needed. Hence, you have to make sure that your Windows PC and your Android phone are connected to the same Wi-Fi/access point.
- Download and install Remote Fingerprint Unlock from the Google Play Store. You may have to download the APK from an external source, such as APKMirror, if Play Store doesn’t let you download the app for your version of Android.
- Download and install the latest Windows Fingerprint Credential module for your Windows PC.
- When prompted, click Yes to allow the module to automatically create the necessary TCP/UDP rules, so the two modules can communicate.
If you’re using a firewall other than Windows Firewall, you may need to create TCP/UDP rules to allow the modules to communicate.
- Open the Android app and go to the Scan section.
- Swipe down to scan for devices and select your laptop.
- Tap on the PC you want to set up. You can choose to give it a name and/or send a Wake-on-LAN packet if you have the pro version.
- After adding the PC, go to the Accounts section.
- Tap on Add Account. Enter the username and password of the account you want to remotely unlock. For Microsoft accounts, the username is your email.
- If you have more than one account, you’ll need to tap the one you want to use to make it the default.
Now that the modules are installed, you can try unlocking the PC.
- Lock your Windows PC and you should see a new user called “Fingerprint Unlock.” If it says the module is active, then you are able to proceed.
- Open Remote Fingerprint Unlock on your phone and go to the Unlock section (it should go there by default).
- Scan your fingerprint.
Your Windows PC will automatically unlock if you follow these steps. We recommend you check out the XDA forum thread if you have any issues setting it up.
Is it safe to use?
Security concerns around Remote Unlocking module
We understand that some of you may be wary of installing a Windows application like this. While we can’t guarantee that the app is safe to use since it isn’t open source, we do believe that the developer is trustworthy after having run it through various malware analysis tools and asking the developer to address what issues the tools picked up on.
For the sake of clarity, below you can find the conversation between XDA’s former Editor-in-Chief Mishaal Rahman and the developer, so you can decide for yourself:
Mishaal:
I ran it through VirusTotal and HybridAnalysis and they picked up the following results:
- Ikarus picks it up as “PUA.RVplatform”
- TrendMicro picks it up as “Suspicious_GEN.F47V0908”
- Filseclab picks it up as “Adware.CsdiMonetize.AI.twym”
After a week, the developer made some changes and reached back to me:
So, I did a few changes to the setup files a week ago and I have managed to reduce the number of detections to only 1/63 on VirusTotal, McAfee AV’s scanner being the only one that detected my setup as Adware. I have sent an email to them to report the false detection and I still haven’t received a response. This is the reason that I haven’t contacted you.
Surprisingly, I have scanned the latest release again and it comes clean. They probably updated their scanning engine, or whitelisted my setup but didn’t respond back. Either way, I’m glad that it’s finally not being falsely reported anymore.
However, the x86 version is still tagged as being malicious by Endgame, as seen here, even though the same AV does not detect the x64 version as being malicious. I’ll see if I can contact them somehow about this.
On Hybrid-Analysis, Filseclab detects it as being Adware.CsdiMonetize.AI.twym, most likely because I still include a Windows Update required for the application to run on Windows versions older than 10. The writing to the remote process “C:WindowsSystem32wusa.exe” refer to the aforementioned updates which are installed using the “wusa.exe” process and “C:WindowsSystem32cscript.exe” refers to the .vbs script that creates the Windows Firewall exceptions for the LogonUI.exe process (the process under which the application runs). The script is taken from here.
From his XDA thread, he also shared the following information:
I’ve spent about 40% of the development time making the app as secure as possible. The communication between modules is secured using TLS (SSL). The accounts are stored on your computer as they are required when unlocking. However, they are encrypted using a key that is generated based on your fingerprint. As per this article, the generated key is backed by a Trusted Execution Environment, which prevents an attacker from gaining access to the key even if he had compromised the kernel. In other words, only the enrolled fingerprints on your phone can access the key. If you do uninstall, reset your app or even if you change one of your registered fingerprints, the file where the accounts are stored is lost forever and you will need to reconfigure your accounts.
Lastly, research has been done to ensure that, even locally, your accounts are as safe as possible. No password is stored in-app and everything is done locally (between the app and the Windows module) and I’m not, in any way, shape or form, sending through the Internet or seeing anything that you type in-app.
As of May 2024, none of the security vendors listed under VirusTotal flags the Windows module of Remote Fingerprint Unlock (version 1.3.0 is the latest version at the time of writing). For enthusiasts, the installer is based on Inno Setup, which means you can easily decompile it using innounp or similar and take a sneak peek inside. All in all, we find the developer’s explanations to be sufficient.
Alternative option: PC Bio Unlock
For those who don’t want to download Remote Unlocking app from a third-party source
PC Bio Unlock from Meis Apps is a viable alternative that works similarly. The architectures of both solutions are similar, as you need to install a helper component on your computer, which communicates with the Android app. However, unlike Remote Fingerprint Unlock, PC Bio Unlock also supports Linux.
Here are the features offered by PC Bio Unlock:
- Windows
- Unlock the Windows Login/Lockscreen
- Unlock UAC prompt
- Linux
- sudo unlocking
- polkit (pkexec) unlocking
- GNOME, GDM, KDE and SDDM
The Android app is free to use, but you can unlock the following pro features via in-app purchase:
- Auto Unlock (when phone is in Wi-Fi or Bluetooth range)
- Wear OS Notification (allows unlocking through a watch)
- Unlimited devices
The configuration process of PC Bio Unlock is extremely similar to that of Remote Fingerprint Unlock. First, install the desktop companion app and set up the service, then install the Android app and follow the on-screen instructions to pair them.
The desktop companion application for PC Bio Unlock is written in Java, making it rather easy to port to other platforms. Besides Wi-Fi, it also supports discovering the target PC via Bluetooth. The developer open-sourced the authentication modules and the desktop companion app, which means one can easily audit the codebase. It’s also possible to further modify the codebase and add new features. Feel free to visit the official website to know more.
A convenient utility for Windows and Android users
Being able to unlock almost any Windows PC with a fingerprint scanner on your phone is pretty useful, especially if your PC lacks a biometric sensor. Most modern laptops do have Windows Hello support, but if you’re rocking an older machine or a desktop PC, then this can go a long way. These ingenious solutions are surprisingly easy to set up, and they get the job done better than you might expect. The Android app version that’s available to download may have some compatibility issues with your phone depending on its make and model, so keep that in mind.