Currently any process on user machine can initiate WinHello prompt to decrypt stealed masterkey data.
Proposal:
Add an entity to opened DB with user text and show this text when unlocking in WinHello windows caption.
User then can verify if it his secret text and decide to trust or not to such prompt.
Currently any process on user machine can initiate WinHello prompt to decrypt stealed masterkey data.
Proposal: Add an entity to opened DB with user text and show this text when unlocking in WinHello windows caption. User then can verify if it his secret text and decide to trust or not to such prompt.