Users across the web are reporting that Windows Hello no longer works in the dark. This change was first reported back in April, and unfortunately doesn't appear to be a bug. As detailed in April's Patch Tuesday release notes, Windows now requires both IR sensors and a webcam that can see your face to sign in.
Previously, Windows Hello relied on infrared (IR) sensors to create a 3D facial scan that it would then use to log you in. This is very similar to how Face ID on the iPhone works, and is why Windows Hello is an excellent, fast, and secure method of biometric authentication.
IR sensors also work in low-light environments, which is what previously allowed Windows Hello to work in the dark. However, a recent vulnerability discovered in Windows Hello has forced Microsoft to update how face unlock works. Now, Windows Hello "requires color cameras to see a visible face when signing in."
Most webcams on their own are unable to see in the dark, requiring an external light source to illuminate your face and surroundings. This is why Windows Hello has suddenly stopped working for users in many low-light situations, as it now requires a face to be visible via your webcam in addition to the 3D scan with IR sensors.
Curiously, users online have discovered that if you disable your webcam in the Windows Device Manager, Windows Hello will return to authenticating only with the IR sensors, restoring the ability to log into your PC in a dark room. But obviously, disabling your webcam does mean you can no longer use it for video calls.
I've tested this workaround and it indeed fixes the problem. Up until a couple of months ago, Windows Hello on my Surface Laptop 7 was able to authenticate me in the dark with no problems, but as of April 8, it stopped, requiring me to turn on a light or brighten my screen so that the camera could first see my face.
Microsoft says this change was made to fix a spoofing vulnerability in Windows Hello, meaning that although it no longer works in the dark, it should now be more secure as a result. It's just a shame that one of the advantages of using IR sensors to log in with your face is no longer applicable on Windows.
