Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Fingerprint Password...viable idea ...?


  • Please log in to reply
6 replies to this topic

#1 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:55 AM

Posted 02 September 2015 - 03:43 AM

http://nls.cnet.com/pageservices/viewOnlineNewsletter.sc?list_id=e497

 

 

 

 

"Fingerprints (and other biometrics) still have one fatal, unfixable flaw: permanence. If you suspect your password has been compromised, you can change it. If someone steals your fingerprint, you're compromised for the rest of your life. I'm reasonable certain someone will have a 3D print "kit" for forging a fingerprint from a photo within a few years. Once that happens, it's game over for fingerprint authentication."


Condobloke

Outback Australian  

 

fed up with Windows antics...??

 

LINUX IS THE ANSWER

 

I USE LINUX MINT 18.3  EXCLUSIVELY.

 Failure is not an option. It comes bundled with your Microsoft product.

 

Success is not Final, Failure is not Fatal,

 

It is the Courage to Continue that Counts.

W.C. 4th June 1940

 

 

 


BC AdBot (Login to Remove)

 


m

#2 mremski

mremski

  • Members
  • 480 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NH
  • Local time:10:55 AM

Posted 02 September 2015 - 05:32 AM

Multi factor authentication.  Fingerprint, retina scan, voice recognition, password plus verification code.  Then if you get a finger chopped off, an eyeplucked out, voice recorded you can still change your password and they'd need to guess the random 12 digit verification code.

 

fine powder and scotch tape seems to work well enough for law enforcement to get prints scanned and recognized...

 

Of course if everyone has an unique RFID chip implanted at birth, that could help.


FreeBSD since 3.3, only time I touch Windows is to fix my wife's computer


#3 rp88

rp88

  • Members
  • 2,895 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:55 PM

Posted 03 September 2015 - 02:15 PM

Another problem with fingerprints being used for access is that whereas it is very difficult to force someone to divulge a string of characters stored in their head it is very simple to grab someone's hand and force it i=onto a fingerprint reader, therefore it is tricky for an attacker to access a password protected system even if they have the owner captive, but it is simple for them to make the owner use his fingerprints under duress.


A third problem (to add to the "can change a password, can't change a fingerprint" and "fingerprints can easily be forcibly obtained" arguments) is that a fingerprint can also be obtained, as mremski mentions, with fine powder and tape, so someone using a fingerprint as their password would want to wear gloves everywhere they went for fear that every surface they touched would give away their "password", no such problem exists with passwords stored in the head.

Edited by rp88, 03 September 2015 - 02:15 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#4 yu gnomi

yu gnomi

  • Members
  • 532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago suburb
  • Local time:10:55 AM

Posted 23 September 2015 - 02:05 PM

I thought of this thread when I saw this story https://www.washingtonpost.com/news/the-switch/wp/2015/09/23/opm-now-says-more-than-five-million-fingerprints-compromised-in-breaches/



#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,592 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:55 AM

Posted 23 September 2015 - 03:11 PM

With rapidly changing technology, who knows what other alternatives may be available in the future.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 yu gnomi

yu gnomi

  • Members
  • 532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago suburb
  • Local time:10:55 AM

Posted 23 September 2015 - 03:24 PM

Google and microsoft both have free authenticator apps that you can install and run on your smartphone, for multi-factor authentication.



#7 rp88

rp88

  • Members
  • 2,895 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:55 PM

Posted 24 September 2015 - 02:57 PM

Regarding post #6


Just to mention, many websites thesedays, includng gmail, have 2 factor authentication on login, this can be done via a special program installed on the device you log in with, or by codes texted to your phones by sms or by a special number generating electronic device (some look a bit like calculators). This does improve security as it relies on something you know (the password) and something you have, the phone to receive sms texts or the special code generating device or the computer/phone with a special program or cookie on it.

Edited by rp88, 24 September 2015 - 02:57 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users