this post was submitted on 22 Nov 2023
456 points (98.7% liked)
Technology
58143 readers
4394 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Stop using biometrics for authentication!!!!!
Edit: lots of opinions below. Biometrics are a username, a thing you are. Finger printed can be taken from your laptop with a little powder and masking tape.
Use an authentacator app or security key kids!!
A username is not something "you are", it's something "you know". Biometrics are not nearly the same as usernames.
A username is something you are. It's you! You are 0xD.
A password is something you know. A security key is something you have.
When we interview security analysts you don't get past the first round if you disagree.
If your interview involves telling me a username is "something you are" rather than "something you know", I'm running away from that job as fast as I can.
Other people know your username.
How hard is this?
I guarantee you I know thousands of people's passwords as well, I just don't know the username associated.
By this same logic, other people could know your fingerprint since it's "something you are". No, other people cannot know your fingerprint. It's a complex mathematical equation to a computer. This is such a terrible take.
Source: CASP+ certified.