Hi @benitocereno, We use full time hello only when encryption keys are generated on Hardware TPM. We use standard Hello API provided by Microsoft. The API provides us something called attestation information to acquire cryptographic proof that the key is generated on the TPM.  Please go to security settings in Enpass, than turn off and on again. If a warning is shown it means that generated keys are not TPM bound. Hence, we can't use these keys for security reasons and Windows full-tim