jm + passwords + biometrics   1

Fingerprints are Usernames, not Passwords
I could see some value, perhaps, in a tablet that I share with my wife, where each of us have our own accounts, with independent configurations, apps, and settings.  We could each conveniently identify ourselves by our fingerprint.  But biometrics cannot, and absolutely must not, be used to authenticate an identity.  For authentication, you need a password or passphrase.  Something that can be independently chosen, changed, and rotated. [...] Once your fingerprint is compromised (and, yes, it almost certainly already is, if you've crossed an international border or registered for a driver's license in most US states), how do you change it?  Are you starting to see why this is a really bad idea?
biometrics  apple  security  fingerprints  passwords  authentication  authorization  identity 
october 2013 by jm

Copy this bookmark: