Slashdot Asks: Should Businesses Switch To Biometric Passwords? (hbr.org) 204
This question was inspired by a recent article in Harvard Business Review:
It's become abundantly clear that passwords are an untenable way to secure our data online. And asking your customers to keep track of complicated log-in information is a terrible user experience... The threat to security when relying on passwords is one reason businesses are increasingly migrating to biometric systems. Identity verification through biometrics can ensure greater security for personal information, while also providing customers with a more seamless experience in the digital environment of smartphones, tablets, sensors, and other devices... the idea is to verify someone's identity with a high degree of assurance by tying it to multiple mechanisms at once, known as biometric modalities [which] when used in concert, can provide a significantly safer environment for the customer, and are much easier to use... [I]f an app simultaneously requires a thumbprint, a retina scan, and a vocal recognition signature, it would be close to impossible for a bad actor to replicate that in the seconds needed to open the app.
This got me curious -- are Slashdot's readers already seeing biometric verification systems in their own lives? Share your experiences in the comments, as well as your informed opinion. Do you think businesses should be switching to biometric passwords?
I'm not sure I like the idea... (Score:2)
I can see a whole lot of privacy and "Big Brother" problems with biometric authentication...
Re: (Score:2)
Re:I'm not sure I like the idea... (Score:5, Interesting)
However, most security problems are not from targeted attacks but from broad sweeping ones. Back in the 1980s an insecure server was a server that didn't need a password to log in. And for the most part they were safe because they didn't have information that people wanted, or were such a small group that they were not targeted for anything, as to connect to the server you needed to know the telephone number, and at $0.10 per call it was expensive to war dial. Once computers started to be connected to the internet at a significant level they really needed authentication, because it got easier and cheaper to just try a bunch of IP addresses. Biometrics may not be good for access to a secure location or against a highly targeted attack. But the bulk of systems, which are more or less just fallout from a wide attack, can be much safer.
The real problem with biometrics is the relative difficulty of programming them. We still have newly developed apps that store passwords in clear text. Expecting developers to widely use biometric algorithms, which are much harder to code than a
SELECT uid FROM users WHERE loginname=@login and password=@password
Most institutions will not pay for skilled developers, so they have kids out of college or an offshore developer with just rudimentary skills who may have energy and ambition but lack the experience to think of problems in terms of full lifecycle needs. Forcing most programs to use the same biometric API and treating the data in the most haphazard way possible.
Re: (Score:2)
Biometrics are NOT passwords (Score:5, Insightful)
Biometrics aren't passwords, they are user IDs.
Treating them as passwords is a popular idea but will inevitably lead to disaster. Who would choose a password they could never change and then give that same password to countless other parties? Even if we did that, what would be the equivalent to good practices like storing password hashes instead of the originals in case of compromise?
Re: (Score:2)
Biometrics aren't passwords, they are user IDs.
They're neither. http://divegeekstuff.blogspot.... [blogspot.com]
Re: (Score:2)
(You posted that text, or something very like it, in another comment here on Slashdot, and I addressed your point in a reply there.)
Re: (Score:2)
Not necessarily. It is possible that the attacker would never guess your current password, and has not yet tried the new password, but does try it after you change it, thereby making it true that they only get in because you changed it.
Re: (Score:2)
I would argue that biometrics are a class in themselves. Essentially a checkbox. For authentication, you have your userID (the object that is asking for authentication.) You have the password (something you know.) You have a 2FA code (something you possess), and a fingerprint (something you are.) Sometimes, with geo-location, one can add somewhere you are.
Does it increase security? It is a security factor. Is it worth it over something like Duo or a PIN on the HID card reader? Depends on what is bei
Re: (Score:2)
Re: (Score:2)
Login name + password is authentication. Biometric + password is authentication.
No, username + biometric is authentication, same as username + password (but with different security properties). Login + biometric + password is stronger authentication. Biometric + password is... bizarre and probably bad. In a database of any size, the biometric will match multiple people, so the system will have to test the password against all of the matching accounts.
Re: Biometrics are NOT passwords (Score:2)
Re: (Score:2)
If I get the data for username or biometric, I can feed it back in to the front end and gain access. It is not hashed. If I get the hash of the password I cannot feed it in to the front end to gain access, nor can I derive the information (sans brute force w/ rainbow tables) needed to gain access.
Usernames and b
Re: (Score:2)
But I still don't know: if biometrics are neither user id's nor passwords, then what are they?
They're authenticators. Given a user's identity (e.g. username), plus a scan of a body part of the person trying to log in with that username, you can have a pretty solid idea of whether the person trying to log in is the person associated with the username. In that way it's much like a password... but the security model is entirely different, since the security derives from the difficulty of fooling the scanner into accepting a fake body part, rather than from the difficulty of obtaining or guessing a pass
Re: (Score:3)
I think the key to using biometric authentication safely is to never push it to the cloud, and thus eliminate the temptation to use it as a single-factor authentication, not to mention minimize the risk of getting it stolen. Instead, it should only be used when there's a secure electronic enclave that can store it and use it for authentication on your behalf.
In this way, your biometric data is just an authentication proxy on known-good systems. It doesn't leave your local devices, which means a random att
Re: (Score:2)
It will be much worse than that: since you cannot create a reliable hash from biometric data (the biometric changes slightly from time to time), every offline attack against a leaked database will be an instant reveal of all "passwords", since all of them will be your password=@password scheme.
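The two points raised above, that a drifting biometric template cannot be protected by an exact hash the way a password can, and (in the earlier comment) that the template should therefore stay inside a local secure enclave that merely vouches for the user to the server, can be shown together in code. The following is an added example, not code from Slashdot or from any commenter. It assumes a constructed 256-bit template standing in for a fingerprint feature vector, an assumed match threshold of 24 differing bits, and an HMAC over a device-bound key as a stand-in for the per-device signature a real enclave would produce; the server holds only the device key and never receives biometric data.

```python
import hashlib
import hmac
import random
import secrets

# Constructed 256-bit "templates" standing in for a fingerprint feature vector.
# These are constructed data, not readings from any real sensor.
TEMPLATE_BITS = 256
MATCH_THRESHOLD = 24  # assumed tuning value: max differing bits still accepted


def make_template(seed):
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(TEMPLATE_BITS // 8))


def rescan(template, flips, seed):
    """Simulate a fresh scan of the same finger: a few bits differ from enrollment."""
    rng = random.Random(seed)
    bits = bytearray(template)
    for pos in rng.sample(range(TEMPLATE_BITS), flips):
        bits[pos // 8] ^= 1 << (pos % 8)
    return bytes(bits)


def hamming(a, b):
    """Number of differing bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def exact_hash_matches(enrolled, scan):
    """What a password-style check does: compare digests. Any drift breaks it."""
    return hashlib.sha256(enrolled).digest() == hashlib.sha256(scan).digest()


def fuzzy_matches(enrolled, scan):
    """Threshold comparison: needs the raw enrolled template, so it cannot be hashed."""
    return hamming(enrolled, scan) <= MATCH_THRESHOLD


class Enclave:
    """Device-side secure element. Holds the raw template and a device key;
    neither is ever exported. HMAC stands in for a per-device signature."""

    def __init__(self, enrolled, device_key):
        self._enrolled = enrolled
        self._key = device_key

    def assert_presence(self, live_scan, nonce):
        """Return a proof over the server's nonce only if the live scan matches."""
        if not fuzzy_matches(self._enrolled, live_scan):
            return None
        return hmac.new(self._key, nonce, hashlib.sha256).digest()


class Server:
    """Relying party. Stores only the device key registered at enrollment;
    it never sees a template, so a database leak reveals no biometric."""

    def __init__(self, device_key):
        self._key = device_key

    def challenge(self):
        return secrets.token_bytes(16)

    def verify(self, nonce, tag):
        if tag is None:
            return False
        expected = hmac.new(self._key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)


def login(enclave, server, live_scan):
    """Full exchange: only the nonce and the proof cross the network."""
    nonce = server.challenge()
    tag = enclave.assert_presence(live_scan, nonce)
    return server.verify(nonce, tag)


def demo():
    enrolled = make_template(seed=1)
    same_finger = rescan(enrolled, flips=6, seed=2)   # same finger, slight drift
    other_finger = make_template(seed=3)               # a different person
    key = secrets.token_bytes(32)                      # device key, shared at enrollment
    enclave, server = Enclave(enrolled, key), Server(key)
    return {
        "hash_of_rescan_matches": exact_hash_matches(enrolled, same_finger),
        "fuzzy_rescan_matches": fuzzy_matches(enrolled, same_finger),
        "same_finger_login": login(enclave, server, same_finger),
        "other_finger_login": login(enclave, server, other_finger),
    }


if __name__ == "__main__":
    print(demo())
```

The point of the design is visible in `demo()`: the same finger rescanned with six flipped bits produces a different SHA-256 digest (so a hashed store would reject every legitimate user), yet passes the threshold comparison, which is only possible because the enclave keeps the raw template. Because the server stores a key rather than a template, the biometric is used as a local gate on that key and is never a credential the server could leak.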
Irrelevant, because biometrics aren't secret to begin with.
Re: (Score:2)
Exactly. It's like having your users write their passwords on a post-it note and stick it on their foreheads rather than their monitors.
Re: (Score:2)
Exactly. It's like having your users write their passwords on a post-it note and stick it on their foreheads rather than their monitors.
No, it's not. At all. Post-it notes on foreheads would be completely insecure. Biometric security can actually be quite good, even though the biometric data is public.
http://divegeekstuff.blogspot.com/2017/04/fingerprint-security.html
Re: (Score:2)
Re: (Score:2)
I agree. Unfortunately it's not "irrelevant" however since people/companies are trying to push biometrics in this direction.
For example?
Re: (Score:2)
Re: (Score:2)
Important thing (bank, production server) use your right thumb. Unimportant thing (crapdot, pinterest) use your left pinky.
Re:I'm not sure I like the idea... (Score:5, Insightful)
Re: I'm not sure I like the idea... (Score:5, Informative)
Re: I'm not sure I like the idea... (Score:5, Interesting)
More generally, if the information gets stolen, you can never change it.
This is true, but irrelevant. Replaceability is unnecessary for biometric security. Your biometrics wouldn't be any more (or less) secure if you could replace them.
That's why people should adopt the philosophies of "biometrics = who you are (username)"
This is also wrong. Biometrics are terrible identifiers. They have no uniqueness guarantees and cannot be matched exactly, which makes them prone to Birthday Paradox problems.
Here's my screed on fingerprint / biometric security [blogspot.com], which I'm going to post on every /. article where these incorrect ideas come up. Maybe it will help.
Claim:Fingerprint authentication is serious James Bond shizzle and it's totally secure.
No. No, it's not. See below.
Claim:Fingerprint authentication is insecure because you only have ten fingers, and when you've used them all you have no more new "passwords".
This is wrong, because it assumes that fingerprints (or other biometrics) are just a slightly different sort of password. They're not. Biometric authenticators are nothing at all like passwords; the security model is completely different. To understand how and why, we first need to understand the password authentication security model.
Why are passwords secure (when they are)? Passwords are secure when the attacker doesn't know them or can't guess them. That seems simple and obvious, but some subtleties arise when you think about how an attacker might acquire them. There are two primary ways: stealing copies somehow, and repeated guessing, also known as a "brute force search". These interact—in some cases the attacker can steal some information and guess the rest—and there are many methods of optimizing both, but it all boils down to getting a copy, or guessing.
Suppose the attacker has obtained a copy of your password, and you don't know it. Your security is compromised, but now the attacker has a choice. He can change your password, lock you out of your own account/device and use it for his own purposes, or he can leave your password and make covert use of your account/device/whatever. In many cases, the attacker opts for the latter approach because the former is too noticeable and the account/device often quickly gets shut down. Or suppose the attacker has obtained a copy of your password but hasn't gotten around to using it yet. In either case, changing your password shuts off the attacker's access, closing the window of vulnerability.
But there's another reason to change your password from time to time, and that's to protect it against compromise by guessing. Depending on how the system is built, what information the attacker has to start with and the attacker's resources, the attacker will be able to make guesses at some rate. If you change your password before the attacker can guess your password, the attacker has to start over. Another way to look at it is that as the attacker guesses, he gains knowledge about your password, because he knows a bunch of things it is not. When you change your password, that knowledge is invalidated.
In a nutshell: Password security derives from password secrecy, and you remove whatever knowledge the attacker has when you change it (assuming you don't just change a character or two). Another way of looking at it is that password secrecy erodes over time, and rotation restores it.
But... your fingerprints are not secret. You leave them on almost everything you touch. From a security perspective the only reasonable way to think about biometrics is that they are public information. We have to assume the attacker already has your fingerprints. In the case of smartphone or a credit card, odds are good that there are nice fingerprints on the device itself.
The purpo
Re: (Score:2)
Good identifiers should have uniqueness guarantees, biometrics don't. Good identifiers should always either match or not match, biometric matching is fuzzy, every match is a judgement call.
You make good points, here and throughout your post. However, I don't think the above undermines the biometrics-as-IDs analogy to the extent that you're arguing here. A great many online systems today use an email address as an ID, yet email addresses can suffer from exactly the same problems. We use a person's name and mailing address to send them post, but again the same problems can arise. In practice, not many IDs that we use are good identifiers by your definition -- and again, I'm not disputing that d
Re: (Score:2)
His arguments against using biometrics as identifiers were the birthday paradox and fuzzy matching, which absolutely don't apply at all to email addresses. Aside from very deliberate email account sharing between family members, no two people have any chance at all of having the same email address. Secondly, matching an email address is not fuzzy at all.
Re: (Score:2)
His arguments against using biometrics as identifiers were the birthday paradox and fuzzy matching, which absolutely don't apply at all to email addresses.
I'm sorry, but they most certainly do apply to email addresses.
For the birthday paradox, haven't you ever worked in an office that had addresses of the form j.smith@example.com, until both John and Jane Smith joined, and then suddenly their scheme broke down? Technically speaking everyone presumably has their own address according to some alternative scheme invented to avoid that problem, but in reality anyone who is familiar with the original scheme is quite likely to send mail to the wrong address.
For fuz
Re: (Score:3)
Fair enough, but those examples only apply to poorly-considered naming schemes (and the accompanying human assumptions) or improperly implemented mail systems. Per RFC 5321 [ietf.org], "the local-part of a mailbox MUST BE treated as case sensitive." These could lead to multiple identifiers that all map to a single email address (in the case of a case insensitive local-part), but not a single identifier mapping to multiple email addresses (the birthday paradox manifestation).
The fuzzy matching was more about the fact t
Re: (Score:2)
If you mean how could two people have the same email address, obviously they shouldn't, but many mail address assignment schemes are vulnerable to name/initials clashes and in practice result in one person with a similar name getting sent someone else's mail from time to time. There are also problems like domains being given up and then subsequently reregistered by someone else, for another example.
If you mean how could one person's email address be represented in multiple ways that map onto the same underl
Re: (Score:2)
Excellent post!
Re: (Score:2)
Re: (Score:3)
"you can never change it"
Your employer can change it with trivial effort. Just fire you and hire someone else.
Re: (Score:2)
Good luck with that!
Let me know when you can grow new fingers.
Re: (Score:2)
permanent password for a temporary feeling (Score:2)
Your biometric password can't be changed. Just because we don't know how to hack them now doesn't mean it won't be trivial in the future. Fingerprint readers are wafer thin right now; who's to say a wafer thin electrode array can't drive one of these with someone else's fingerprint? As for getting that fingerprint, well, you will have it from any one of the biometric devices that the person gave it to.
It's just a passing phase in password land where biometric passwords are convenient but not ubiquitous.
Re: (Score:2)
Frost betterave tosp! (Score:4, Insightful)
No.
TL;DR : not revokable, risk shifting (Score:5, Interesting)
First time poster, long time reader.
Biometric elements regarding authentication fail regarding two major issues.
First issue, they can't be revoked. There won't ever be a "change your retina" or "forgot my bird to flip" form. Forget being forgotten, forget witness protection etc.
Second major issue : risk shifting.
If my credentials have value, then it stands to reason I can be assaulted to get them. To protect itself, my employer asks me at least two factors and I am OK with what I know and what I have. Both can be acquired without major hurt to my person (yes, under duress I will gladly give them and no one could blame me).
Biometric elements, provided that a copy of what I am cannot fool the system WILL have to be harvested from me.
Therefore, biometrics are still a heck of a bad idea.
Re: (Score:2)
"The result is that biometrics make the employee/customer/citizen(!) expendable."
They already are. What's the problem?
No (Score:2)
No! Of course not! (Score:5, Insightful)
Biometry is not suitable for authentication. Essentially using biometry is like using a password you cannot change, but constantly tell anybody around you.
It's trivial to keep your passwords secure, it's much harder to keep your fingerprint or iris pattern secure. Both can even be read out remotely.
Re: (Score:2)
BTW, here's a nice overview video on the topic:
https://media.ccc.de/v/31c3_-_... [media.ccc.de]
Re: (Score:2)
Re: (Score:3)
Well there are 2 big differences here:
1. You can change passwords, so even if it gets extracted from your brain (or more likely intercepted from your keyboard), you can simply choose another one.
2. You can voluntarily give up a password without any collateral damage. For example, when you get threatened you can just give out the password instead of losing your finger.
I'm sorry, but biometry should have been dead when that MacGyver episode came out where he used a latent hand print on a hand print scanner.
Re: (Score:2)
1. You can change passwords, so even if it gets extracted from your brain (...)
If one can extract a password from your brain, he might surely get the new one... or even catch your intention to change it!
Re: (Score:2)
So in this extreme case, the password would be not safer than biometry, whereas in all other cases it's considerably better.
Of course there are also seriously better alternatives to passwords, for example public key authentication schemes. So in any event, biometry loses.
Re: (Score:2)
Why are you even still memorizing passwords? Mine are all random 13-letter strings that I store in a key safe.
Re: (Score:2)
Why are you even still memorizing passwords? Mine are all random 13-letter strings that I store in a key safe.
Businesses don't care enough about security to make their employees take two minutes to log into their workstations in the morning. Anything more than seven seconds is likely to be dismissed by the decision makers.
Convenience pushes our 'lazy' buttons, and security is not seen as being worth the cost. Unless that changes, there won't be much change in overall security.
Tea Leaves? (Score:2)
Why are you continuing to argue something that cannot currently happen, and quite frankly may never happen? The first time I can let slide, but defending a hypothetical... Really? Irrationality at its finest.
Re: (Score:2)
I'm sorry, but biometry should have been dead when that MacGyver episode came out where he used a latent hand print on a hand print scanner.
That MacGyver guy was certainly ahead of his time!
Re: (Score:2)
Actually not, there was an even older James Bond movie where he foiled fingerprint authentication via a faked fingerprint.
Re: (Score:2)
Re: (Score:2)
Well yes, they were late into the game. AFAIK that method has first been demonstrated in 2004 by Starbug from the CCC:
http://chaosradio.ccc.de/ctv00... [chaosradio.ccc.de]
http://chaosradio.ccc.de/media... [chaosradio.ccc.de]
Re: (Score:2)
Yup, there have been cases recently where people have used photographs to get a person's fingerprints. Amazing but true.
Getting rid of passwords is a good idea, though. It's just that replacing them with biometrics is a change for the worse. A change for the better is to use public key cryptography: instead of your keychain containing passwords that you have to remember and that are sent to the far end, you have public keys, possibly more than one, for every service you need to contact, and you use yo
Re: (Score:2)
Getting rid of passwords is a good idea, though. It's just that replacing them with biometrics is a change for the worse. A change for the better is to use public key cryptography: instead of your keychain containing passwords that you have to remember and that are sent to the far end
Passwords never have to be sent anywhere. You can use zero-knowledge proofs to determine mutual possession without leaking ANYTHING about the password other than the binary outcome of whether mutual possession has been established.
Don't confuse widespread adoption of stupidity (e.g. passwords entered into ad hoc web forms) with something inherent to passwords. Widespread use of insecure authentication protocols (and yes, entering plaintext passwords over TLS counts as insecure authentication) is direc
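The comment above says a password can prove mutual possession without ever being sent; the standard way to do that is a password-authenticated key exchange such as SRP-6a. The block below is an added example written for this page, not code from the commenter or from any SRP library. It runs both sides of the exchange in one process so the message flow is visible, and it assumes a constructed 65-bit safe-prime group (found at import time) purely so the arithmetic is readable; a real deployment uses the 2048-bit or larger groups from RFC 5054, and also returns a server proof M2 to the client, which is omitted here.

```python
import hashlib
import secrets


def is_probable_prime(n):
    """Deterministic Miller-Rabin for n below about 3.3e24."""
    if n < 2:
        return False
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    for p in bases:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def find_safe_prime(start):
    """First safe prime p = 2q + 1 at or above start (toy size: demo only)."""
    p = start | 3                     # safe primes above 5 are 3 mod 4
    while not (is_probable_prime(p) and is_probable_prime((p - 1) // 2)):
        p += 4
    return p


N = find_safe_prime(1 << 64)          # constructed group; far too small for real use
G = 2


def H(*parts):
    """SHA-256 over the concatenation of ints (big-endian), str and bytes, as an int."""
    h = hashlib.sha256()
    for part in parts:
        if isinstance(part, int):
            part = part.to_bytes((part.bit_length() + 7) // 8 or 1, "big")
        elif isinstance(part, str):
            part = part.encode()
        h.update(part)
    return int.from_bytes(h.digest(), "big")


K_MULT = H(N, G)                      # SRP-6a multiplier k


def enroll(username, password):
    """Server stores (salt, verifier = g^x). The password is never stored or sent."""
    salt = secrets.token_bytes(16)
    x = H(salt, H(username + ":" + password))
    return salt, pow(G, x, N)


def srp_login(username, password, salt, verifier):
    """Run both sides of SRP-6a; return whether the server accepts the client's proof."""
    # client -> server: username, A = g^a
    a = secrets.randbelow(N - 2) + 1
    A = pow(G, a, N)
    if A % N == 0:                    # server must refuse a degenerate A
        return False
    # server -> client: salt, B = k*v + g^b
    b = secrets.randbelow(N - 2) + 1
    B = (K_MULT * verifier + pow(G, b, N)) % N
    if B % N == 0:                    # client must refuse a degenerate B
        return False
    u = H(A, B)
    if u == 0:
        return False
    # client: derive the session secret from the password it was given
    x = H(salt, H(username + ":" + password))
    S_client = pow((B - K_MULT * pow(G, x, N)) % N, a + u * x, N)
    M1 = H(A, B, H(S_client))         # client -> server: proof of the shared key
    # server: derive the same secret from the stored verifier and check M1
    S_server = pow((A * pow(verifier, u, N)) % N, b, N)
    return M1 == H(A, B, H(S_server))


def demo():
    salt, v = enroll("alice", "correct horse")
    return (srp_login("alice", "correct horse", salt, v),
            srp_login("alice", "wrong horse", salt, v))


if __name__ == "__main__":
    print(demo())   # (True, False)
```

Only A, B, the salt and the proof M1 cross the wire; the server's record is the salt and g^x, so a leaked database yields a dictionary-attack target rather than plaintext, and a wrong password simply produces a proof the server cannot reproduce.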
Re: (Score:2)
Biometry is not suitable for authentication. Essentially using biometry is like using a password you cannot change, but constantly tell anybody around you.
Wrong. http://divegeekstuff.blogspot.... [blogspot.com]
Re: (Score:2)
Ahh right, the "the sensor is secure" fallacy. Essentially the whole claim of this rant, carefully hidden behind lots of ramblings is, that somehow magically a sensor can get a full picture of what's in front of it, so it can somehow magically differentiate a fake finger from a real one.
Tell you what, even the most expensive systems are trivial to fake. Yes you can measure the pulse of a finger, but a simple silicone "mask" for your finger will give the same signal. Yes you can use a depth sensing camera, b
Re: (Score:2)
Ahh right, the "the sensor is secure" fallacy.
You didn't actually read the blog post. If you had, you'd have noticed that I covered that quite thoroughly, pointing out the major ways the sensor is and is not secure. Bottom line, it's context-dependent. Password security is also context-dependent. In either case, you have to understand the problem you're trying to solve in order to say whether or not a given solution addresses it adequately.
Re: (Score:2)
Well the simplest way for an unsophisticated attacker is to simply cut your finger off.
And seriously, we are already comparing biometry to the second worst authentication scheme... passwords.
If you want something more secure, but more convenient for the user, just add public key authentication to a password.
Re: (Score:2)
I don't think it is reliable enough (Score:2)
Too much room for false positives/negatives. I mean look at your phone: You can put a fingerprint on it but it'll require a backup PIN in case that doesn't work. You don't gain any security if there has to be a backup password, it is just a convenience thing.
The right answer is a smart card (or other device with that chip in it like Yubikey). Here you go to token+PIN. It's two factor, thus much harder for an adversary to get around, and it allows for a much shorter, easier to remember password. Reason is th
Re: (Score:2)
Biometric should only check WHO you are (Score:3)
Re: (Score:2)
Biometric is a ONLY username, not a password.
Wrong. http://divegeekstuff.blogspot.... [blogspot.com]
Re: (Score:2)
You are linking to a god damn blogspot post. FFS. Stfu
I'm linking to *my* blogspot post. I could have pasted the content here, but there's this nifty hyperlinking technology that's starting to take off...
Won't work seamlessly for everyone (Score:5, Informative)
first... (Score:2)
1. Don't enforce needlessly strict / complicated security policies for websites that don't matter that much.
2. Don't make me reset my password when I've merely forgotten it - it just puts me into a never-ending loop of creating harder and harder to remember passwords that need to be constantly reset.
3. Provide easy to use 2 factor authentication that lets me use simpler passwords, or even delay the "authentication" to be when I pay for something and validate my billing
Re: (Score:3)
Don't make me reset my password when I've merely forgotten it
If a site doesn't make you reset, never go back. It means they have your password in plaintext, and that they'll send it to you in plaintext.
Biometrics are passwords you can't change (Score:2)
For remote use, there is not a lot of difference between biometrics and passwords, except that:
-- you can't change the biometrics if they are compromised
-- there is little scope for using different credentials for different sites
Can't see any advantages to them, and I really don't want to be authenticating to my bank with the same credentials I use for Slashdot.
Identification, not authentication (Score:5, Informative)
Let's take a look at the characteristics of a username:
And let's take a look at the characteristics of a password:
Now, let's take a look at what a fingerprint or other biometric property is:
Conclusion: biometric properties are more like usernames, not like passwords. So, use them for identification, not authentication. Any biometric system supplier telling you otherwise is just telling marketing nonsense.
[1]: http://www.tomsguide.com/us/ph... [tomsguide.com]
Re: (Score:2)
Re: (Score:2)
It's almost as if you didn't read the comment you replied to. Or your tone is just off.
Re: (Score:2)
Conclusion: biometric properties are more like usernames, not like passwords. So, use them for identification, not authentication.
Wrong. Biometrics are lousy usernames (and lousy passwords). They're good authenticators in many situations, but the model is entirely different. http://divegeekstuff.blogspot.... [blogspot.com]
Re: Identification, not authentication (Score:2)
Re: (Score:2)
I agree fingerprints are not very good usernames. I personally wouldn't use biometrics for anything. However, the article you link to has many flaws. Lots of false arguments. Since it's a long article, going into all the details takes more time than I have right now. Maybe later.
Since I've been doing biometric security for nearly 20 years, as my day job, I'd be very interested in exactly what "flaws" you think you find in my arguments. I suspect that it's your counterarguments which are flawed. Oh, I suppose there are nits you can pick -- I could point out a bunch of those myself -- but nothing more.
Not likely, no (Score:2)
The problem with most biometric systems is that we literally leave our password behind on everything we touch.
Biometrics as a sort of user ID, on the other hand...
2FA (Score:2)
Why solve a problem already solved? Just use 2FA. Problem SOLVED.
Re: (Score:2)
Biometric data needs to be decryptable thus can be (Score:2)
Very bad idea (Score:2)
Authentication without identification (Score:2)
In most cases there's no good reason to prove your identity. What you need to prove is your right to do whatever it is you're doing. I don't want to give an online store the information that would let them buy things with my credit card, or which could be stolen and misused by others. The information I give to buy something from Amazon should not be sufficient to buy something from Apple.
No - of course not (Score:2)
By all means, have a biometric username, but never have a biometric password. It's a basic rule for anyone that actually understands how to implement auth in the real world.
Easy to change a real password, impossible to change a biometric password..
Anybody ever hear of the crossover rate? (Score:4, Interesting)
Any discussion of biometrics without discussing the crossover rate (or Equal Error Rate) is woefully incomplete. see this explanation: https://security.stackexchange.com/questions/57589/determining-the-accuracy-of-a-biometric-system
The crossover rate is that point in the sensitivity settings of the system that yield minimum errors, where the False Acceptance Rate = the False Rejection Rate. In layman's terms, you're letting in unauthorized bad guys at the same rate you're keeping authorized good guys out. Any biometric system that doesn't list their crossover rate is pure snakeoil. Run away.
Another data point few consider. A Large Theme Park used biometrics a few years back for their annual ticket holders. It soon became known as the "identical twins two-for-one sale". Can your biometrics discern identical twins? Few can.
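The crossover rate described above is easiest to understand by computing it. The following is an added example, not code from the commenter or from any biometric vendor; it builds constructed genuine and impostor similarity scores (labelled as such in the code, not measurements from a real system), scans thresholds to find where the False Acceptance Rate and False Rejection Rate cross, and then goes one step further than the comment: it shows how a per-comparison FAR grows into an overall false-match probability when one sample is searched against N enrolled templates, which is the one-to-many problem raised in the earlier comments about biometrics matching multiple people.

```python
import random


def constructed_scores(seed=1, n=2000):
    """Constructed similarity scores in [0, 1], not from any real sensor.
    Genuine comparisons (same person) score higher on average than impostor
    comparisons (different people), with overlapping distributions."""
    rng = random.Random(seed)
    genuine = [min(1.0, max(0.0, rng.gauss(0.70, 0.10))) for _ in range(n)]
    impostor = [min(1.0, max(0.0, rng.gauss(0.40, 0.10))) for _ in range(n)]
    return genuine, impostor


def far(impostor, threshold):
    """False Acceptance Rate: fraction of impostors scoring at or above the threshold."""
    return sum(s >= threshold for s in impostor) / len(impostor)


def frr(genuine, threshold):
    """False Rejection Rate: fraction of genuine users scoring below the threshold."""
    return sum(s < threshold for s in genuine) / len(genuine)


def equal_error_rate(genuine, impostor, steps=1000):
    """Scan thresholds and return (threshold, FAR, FRR) where the curves cross."""
    best = None
    for i in range(steps + 1):
        t = i / steps
        a, r = far(impostor, t), frr(genuine, t)
        if best is None or abs(a - r) < abs(best[1] - best[2]):
            best = (t, a, r)
    return best


def identification_false_match(far_rate, enrolled_users):
    """1:N identification: probability that a stranger's sample matches at least
    one of N enrolled templates, given a per-comparison FAR."""
    return 1.0 - (1.0 - far_rate) ** enrolled_users


def demo():
    genuine, impostor = constructed_scores()
    t, a, r = equal_error_rate(genuine, impostor)
    return {
        "eer_threshold": t,
        "far_at_eer": a,
        "frr_at_eer": r,
        # tightening the threshold trades acceptances for rejections
        "strict_threshold_far": far(impostor, 0.65),
        "strict_threshold_frr": frr(genuine, 0.65),
        # the same FAR searched against 1000 templates
        "one_to_many_false_match_1000": identification_false_match(a, 1000),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v:.4f}")
```

Two things to read off the output: a system quoted only by its "99% accuracy" has hidden the threshold choice, since moving it trades FAR for FRR and only the crossover summarizes the sensor; and a FAR that looks small in a one-to-one unlock becomes near-certain false matching once the same comparison is run against every template in a large enrolled population, which is why a biometric alone makes a poor identifier.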
Too easy to forge wholesale (Score:2)
Most biometric scanners have poor resolution and are easily defeated with very modest resources. MythBusters did a very good episode about the ease of replicating fingerprints, and found recent scanners that could be defeated by copying a fingerprint on a laser printer and simply moistening the printout. There was also an infamous paper, available at https://cryptome.org/gummy.htm [cryptome.org], describing more sophisticated approaches with the image transferred to gelatin. That has never been refuted since its original
Nope (Score:2)
Biometric authentication is like a password that can never be reset, can be stolen off your body, and in some cases, that you accidentally leave copies of all over the place (fingerprints). They're fine as a second factor but the hard, cold, fad-deflating truth is that nothing beats the security of the good ol' password. A strong password can be hard to crack and is the hardest form of credentials to steal (requires torture or an fMRI machine). People are often careless with passwords but biometrics are no
Ridiculous. (Score:2)
Yeah... just waiting for the next headline from "Slashdot Asks"
Slashdot Asks: Should I Saw Off An Employee's Legs To Keep Him From Leaving The Company
Brilliant idea (Score:2)
I use (Score:3)
Every so often it requires me to use my regular login credentials.
It works very well indeed.
And yes, if someone cut off my finger or thumb, and it was one of the ones registered in the phone, or if someone caught my fingerprints some where, and went on a MythBusters type effort, where they lifted the print, and went through gyrations to duplicate it. Yup, they could break into my phone.
y tho?
That's a metric fuckton of trouble to go to, and if the standard login pops up on them, they wasted a lot of effort to spoof my fingerprint. Then steal my phone, and somehow keep me from erasing the phone as soon as I noticed it gone. And my credit card puts a hold on any large purchase, and calls a different number for verification before it allows it, and if not verified as legit, cancels the card.
It isn't perfect. But it's pretty good. Perfection is too often the enemy of pretty good.
Fun thought (Score:2)
I don't even give my company access to medical history, what makes you think I would give them biometric data ?
With unique personally identifiable information now traversing the corporate networks, are they going to be forced to implement HIPAA standards to protect it ?
I doubt most companies will want to go that route due to cost, upkeep and penalties should that data get compromised.
From the side business angle... (Score:2)
Nope. (Score:3)
Businesses should not switch to biometric passwords. They could use biometry for convenience paired with a password for security, but biometry isn't enough for one main reason: if someone figures out a way of replicating even a single biometric identification, the whole system is defeated.
It's a difference between replacing a single user password versus possibly having to recall and replace all hardware, and the entire system behind it.
You can easily replace passwords. Biometrics cannot be replaced.
It uniquely identifies people and is uniquely tied to each one, which also creates a problem regarding privacy.
It's always a bad idea to use something that is uniquely identifiable as a password, because you end up running in scenarios where anonymity becomes impossible.
And in the end, the problem with security systems is that they are prone to failure due to a bunch of different factors.
Smartphone fingerprint readers were easily defeated just recently because they were implemented to work faster.
http://www.computerworld.com/a... [computerworld.com]
Technology catches on. We'll always be one step from a scanner with high enough resolution and a printer of some sort with high enough definition and usage of the right materials.
You know what people said about fingerprint readers in the past? That it would be close to impossible to replicate because of how complex our fingerprints are. That argument being made by Harvard Business Review at the end of the quote is just the same. We can't assume how hard it's gonna be to replicate even if you are tying a bunch of biometrics together because it hasn't been out yet, nor is there any incentive for people to break it just yet. If someone haphazardly implements it through a wide range of businesses, then all bets are off.
Also, companies behind such systems will always fail to recognize the problem because recalling and replacing devices will always be impossibly expensive, and in several instances we're basically relying on security through obscurity.
https://www.forbes.com/sites/e... [forbes.com]
https://hackaday.com/2015/11/1... [hackaday.com]
Now, with things as they stand, imagine this scenario: as we all know, several companies nowadays are basically building entire dossiers about each and every customer with all sorts of information about them to sell for advertisers and whatnot. Imagine if biometrics got into that, and then inevitably one of those companies gets hacked or leaks their entire databases. Instead of people scrambling to reset and change their passwords, we'd get people who could do nothing about it, biometrics in the wild, just waiting for someone to come up with a way to use/replicate them. If this happens to enough businesses and enough databases, biometric data becomes something as easy to find out as an address or name.
YES! (Score:2)
Biometrics apparently cannot even be defined? (Score:2)
Reading the commentary here it is obvious that biometrics is a mess. Some think it's a user ID, others a password, and the list goes on.
If it is so confusing here just imagine how bad it would be for the millions of implementers out there who can't even grasp the concept of going beyond a cleartext version of a password in a database.
Biometrics may not offer much protection. (Score:3)
all can ultimately be transformed into Something You (or a computer) Knows. Therefore, almost every multi-factor authentication system depends on several things that an attacker can discover, and mimic.
The security industry has found that biometrics have a major downside, in that they can't be changed. Once they are discovered by attackers, they are permanently discovered.
For example, the major compromise of the US Office of Personnel Management by the Chinese in 2015 disclosed 5.6 million recorded fingerprints. This included everybody who had a security clearance, and all covert agents in intelligence and law enforcement. Since biometrics can't be changed, it will take decades before this compromise stops causing harm to the US government. US covert agents can be identified. Any attempt to use fingerprint biometrics for these people can now be more easily attacked: https://en.wikipedia.org/wiki/... [wikipedia.org]
Every government has aggressively begun to collect biometric information from every possible source. Shortly afterwards, almost every government database of collected biometrics has been successfully compromised. Biometric information is collated by insurance, law and intelligence agencies. It is sold and resold on the various criminal marketplaces.
Part of this flourishing criminal marketplace in biometric information includes permanent, unchangeable health and medical information: https://hipaahealthlaw.foxroth... [foxrothschild.com]
Also, US courts have ruled that biometric info has almost no legal protections against collection, resale or forced disclosure.
Therefore, some security professionals now believe that well funded attackers can overcome the biometric parts of an authentication system with less expense than overcoming a password.
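The two posts above ("Nope." and "Biometrics may not offer much protection.") make the same point: a password can be rotated after a breach, a fingerprint cannot. The following is an added example, not code from either poster or from any vendor, that contrasts the two designs those posts imply. Design A stores the biometric as if it were a password; design B keeps the biometric on the device, where a local match releases a random, revocable key and the server only ever sees challenge responses. The user name, the byte-string "template", and the exact-match comparison (a real sensor does fuzzy matching) are all constructed assumptions.

```python
"""Added example: a biometric should gate a revocable credential, not be one.
All names, templates and keys here are constructed for illustration."""
import hashlib
import hmac
import os
import secrets

# Constructed stand-in for a fingerprint template. The user cannot change it.
USER_TEMPLATE = b"constructed-minutiae-template-A1B2C3"


class TemplateAsPasswordServer:
    """Design A (the anti-pattern in the thread): the template travels to the
    server and is checked like a password. Whoever obtains the template,
    from a leak or a lifted print, holds a credential the user cannot reset."""

    def __init__(self):
        self.db = {}

    def enroll(self, user, template):
        salt = os.urandom(16)
        self.db[user] = (salt, hashlib.sha256(salt + template).digest())

    def login(self, user, template):
        salt, digest = self.db[user]
        return hmac.compare_digest(digest, hashlib.sha256(salt + template).digest())


class LocalMatchDevice:
    """Design B: the biometric never leaves the device. A local match releases
    a random device-bound key; the server only sees HMAC responses under it."""

    def __init__(self, template):
        self._template = template  # stays on the device
        self.key = None

    def provision(self):
        self.key = secrets.token_bytes(32)
        return self.key  # shared once with the server at registration

    def respond(self, presented_template, challenge):
        # Exact comparison stands in for the sensor's fuzzy matcher (assumption).
        if not hmac.compare_digest(self._template, presented_template):
            return None
        return hmac.new(self.key, challenge, hashlib.sha256).digest()


class ChallengeServer:
    """Holds only the revocable per-device key, never biometric data."""

    def __init__(self):
        self.keys = {}

    def register(self, user, key):
        self.keys[user] = key

    def revoke(self, user):
        self.keys.pop(user, None)

    def new_challenge(self):
        return os.urandom(16)

    def verify(self, user, challenge, response):
        key = self.keys.get(user)
        if key is None or response is None:
            return False
        expected = hmac.new(key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def simulate_breach():
    """Leak both designs' secrets, let the operator respond, and report what
    the attacker can still do. Returns a dict of booleans."""
    # Design A: the attacker obtained the template; re-enrolling only re-salts
    # the same finger, so the stolen credential keeps working.
    a = TemplateAsPasswordServer()
    a.enroll("alice", USER_TEMPLATE)
    leaked_template = USER_TEMPLATE
    a.enroll("alice", USER_TEMPLATE)  # the "reset": new salt, same finger
    attacker_in_a_after_reset = a.login("alice", leaked_template)

    # Design B: the breach discloses the device key, not the finger.
    dev = LocalMatchDevice(USER_TEMPLATE)
    b = ChallengeServer()
    b.register("alice", dev.provision())
    leaked_key = b.keys["alice"]
    ch = b.new_challenge()
    forged = hmac.new(leaked_key, ch, hashlib.sha256).digest()
    attacker_in_b_before_revoke = b.verify("alice", ch, forged)
    # Operator response: revoke the key and re-provision; the user keeps the same finger.
    b.revoke("alice")
    b.register("alice", dev.provision())
    ch = b.new_challenge()
    forged = hmac.new(leaked_key, ch, hashlib.sha256).digest()
    attacker_in_b_after_revoke = b.verify("alice", ch, forged)
    user_in_b_after_revoke = b.verify("alice", ch, dev.respond(USER_TEMPLATE, ch))
    wrong_finger_in_b = b.verify("alice", ch, dev.respond(b"someone-else", ch))
    return {
        "attacker_in_a_after_reset": attacker_in_a_after_reset,
        "attacker_in_b_before_revoke": attacker_in_b_before_revoke,
        "attacker_in_b_after_revoke": attacker_in_b_after_revoke,
        "user_in_b_after_revoke": user_in_b_after_revoke,
        "wrong_finger_in_b": wrong_finger_in_b,
    }


if __name__ == "__main__":
    for name, value in simulate_breach().items():
        print(f"{name}: {value}")
```

The point of the comparison is the response to a breach: in design A the only fix is a new finger, while in design B revoking and re-provisioning the key closes the hole and the biometric itself was never exposed. The same structure is what device-bound authenticators use, with an asymmetric key pair in place of the shared HMAC key so that the server's database holds nothing an attacker can replay at all.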
Biometrics are not secure (Score:2)
Biometrics are good for identification, i.e. you take someone's fingerprint and compare it to a database. Someone can't show up with a severed or fake one and fool you with it.
It does not work for authentication, however. Imagine a password that you can never change and you leave pieces of it everywhere you go... well that's exactly what your fingerprint is. Maybe retina scans are better, but I have serious doubts, the biggest being that if it ever does become compromised, again, you can't change it. Voice
No, because most business rely on Facebook (Score:2)
Re: (Score:2)
Re: (Score:2)
Except that real users don't follow those rules anyway. If they did, they'd have to break
* rule number 5 -- keep your passwords in your head, not written down where they can be stolen.
Re: (Score:2)
Mod parent up, please