FBI Forced Suspect to Unlock His iPhoneX Through Face ID


This is why biometrics are NOT secure. Biometrics should be treated as a UserID, and NOT as a password

@matt 2 factor, something you know and something you have. Biometric can be the have.


@DistroJunkie @matt
Not exactly, but bio does work great in a multifactor auth scenario (1. Something you know, 2. Something you have, 3. Something you are), so you could, and ideally should, still have a hardware token of some sort for any secure environments. But unfortunately, the people making mobile devices don't seem to be nearly paranoid enough :/

Would love to see a laptop or something with 3+ factor auth in mind from the start

@architect @DistroJunkie That's what I'm saying:

1. Something you know = Password
2. Something you have = 2FA token/device/thing
3. Something you are = Username/Biometric fingerprint

If your system does not allow #2, then biometrics should ALWAYS be #3 on this list, and NEVER #1

@architect @matt I said biometric could count as something you have but something like a yubikey or a password would be much better.

