Re: How do I read result of a QR Code

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 1/20/24 22:52, Tim via users wrote:
On Sat, 2024-01-20 at 17:54 -0800, ToddAndMargo via users wrote:
c) Something you are, such as a biometric. This method
involves verification of characteristics inherent to the
individual, such as via retina scans, iris scans, fingerprint
scans, finger vein scans, facial recognition, voice
recognition, hand geometry, and even earlobe geometry

The problem with biometrics, is that if you're identified by data about
you, that data is stolen, and someone can provide it on demand without
your presence, you can't change your authentication data.  If someone
can fake your biodata, they can do it forever.

Fingerprints lifted from the glossy surface of your phone, a
compromised service that held your data, a fraudulent service that gets
you to log into them...


Yikes!  The bad guys can just use a "keystroke" logger
stye malware to intercept your biometric data and then
they can repeat it at will.

This all goes back to using easy passwords.  And the
same passwords on different sites:

https://www.nist.gov/itl/smallbusinesscyber/guidance-topic/multi-factor-authentication

     "In fact, databases of known breached account information
     reveal the actual passwords in use around the world, and
     we can see that people typically fail to choose sufficiently
     long, complex, and unique passcodes. A study of the most
     common passwords used globally has “123456”, “qwerty”
     (six consecutive keys on a keyboard) and “password” among
     the top 5."

Add to that the foolish security sites that ask you to constantly
change your password all the time.  If the bad buys have not
figured out how to crack your password the first time, lets
give them another change every two weeks!  I have seen customers
with passwords on sticky notes on the bottom of the monitors:
abc!, abc!!, abc!!!, abc!!!!, etc. to revolve through their
passwords.  The revolving passwords silliness has been proven
time and again to lessen security.

Multi-Factor Authentication is a technique to try to get around
the users response to the obnoxious nature of passwords.
Whether or not it improves things or just manages to
further annoy the poop out of the users is up for debate.



--
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue



[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux