Security with "Use the Trusted Platform Module with Windows Hello"

Hi ag_mike_d,

"Without the TPM option enabled, Windows Hello stays within our process so any phishing attempts by a malicious process wouldn’t work. However with Enhanced Windows Hello, a malicious process can potentially trick you into accepting a context-less prompt in order to decrypt your data. We've included the above prompt to have the user confirm that they know the risks and that you trust other apps on your system which generate their own Windows Hello prompts."

I'm new to 1Password and I have to admit that the prompt spooked me! I admit that having to re-enter my master password after reboots is helpful in that it has forced me into remembering my long, cryptic password, but it is equally a nuisance.

Honestly, I still don't fully understand the risk and, yes, I've ready the article. Just to be certain, is it that a malicious app can trigger a Windows Hello authentication pretending to be 1Password and, if I authenticate, I will grant that malicious app access to my 1Password sites and logons?

It's just that I'm not sure exactly what the risk level is because I just don't understand how the malware will behave. 1Password is the only app on my PC that integrates with Windows Hello; if, for example, I would see an unexpected 1Password authentication, then for sure that would alert me that it may be due to a malicious app, which is a risk with risk I can live.

Thanks!