PowerShell: Disable Windows Hello

function disableWindowsHello{
    $regHive='REGISTRY::HKLM\SOFTWARE\Policies\Microsoft\PassportForWork'
    $refreshEnv=$false    
    if (!(Test-Path $regHive)){
        Write-Host "Creating registry path $regHive"
        New-Item -Path $regHive -Force
    }
    if ((get-itemproperty $regHive -EA Ignore).Enabled -ne 0){
        New-ItemProperty -Path $regHive -Name 'Enabled' -Value 0 -PropertyType DWORD -Force
        $refreshEnv=$true
    }
    if ((get-itemproperty $regHive -EA Ignore).DisablePostLogonProvisioning -ne 1){
        New-ItemProperty -Path $regHive -Name 'DisablePostLogonProvisioning' -Value 1 -PropertyType DWORD -Force
        $refreshEnv=$true
    }
    if($refreshEnv){
        write-host 'refreshing environment...'
        & 'RUNDLL32.EXE' USER32.DLL, UpdatePerUserSystemParameters 1, True
    }
    write-host "Windows Hello has been disabled on $env:computername"
}
disableWindowsHello