>>> juice <juice@xxxxxxxxxxx> schrieb am 26.04.2022 um 09:11 in Nachricht <2a780de8-efb2-749b-de43-62978958fb57@xxxxxxxxxxx>: > On 4/26/22 09:41, Ulrich Windl wrote: >>> >>> Using fingerprint for *authentication* is totally broken concept which >>> should never be allowed. >> Why? Is a PIN any better? > > PIN is much better. You will not be leaving your PIN to any drinking > glass you handle or to doorhandles that you open. People leave > fingerprints all around the place and it has been repeatedly > demonstrated that fingerprints can be easily extracted and replicated to > silicone fingers which can be used to fool fingerprint readers. > > >>> We leave our fingerprints lying around all the time, and given malicious >>> enough adversaries they might as well take our fingers too. (I sure would >>> like to avoid that possibility!!) >> So you are saying users leave themselves lying around everywhere? ;-) > > People leave fingerprints. Fingerprints can be used to open devices > locked by fingerprint. There is also a risk that someone may kill you > and cut off your finger. > > >>> Fingerprints can be used on place of username, that is OK and does not >>> present similar risks. >> Fingerprints are mote than a userid IMHO. > > Fingerprint is exactly that, it is user identification. The police have > been using fingerprints now 130 years for identifying people. Some > misguided fools have been trying to use fingerprints as substitute for > phone unlock PIN for maybe 10 years or so. Actually I think using a fingerprint to unlock the phone is much safer than using a short pin or some swipe pattern: If someone watches me to unlock my phone using my finger in some public transport, he'll have trouble to unlock it if the phone is stolen, but you can easily watch the short pins or swipe patterns from the distance. Regards, Ulrich > > - juice -
Re: Antw: [EXT] Re: Disallowing fingerprint authentication if pam_systemd_home.so needs a password
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: Antw: [EXT] Re: Disallowing fingerprint authentication if pam_systemd_home.so needs a password
- From: "Ulrich Windl" <Ulrich.Windl@xxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 26 Apr 2022 09:53:44 +0200
- In-reply-to: <2a780de8-efb2-749b-de43-62978958fb57@swagman.org>
- References: <18b6966148a790c2b154cdd3eb25bcd37f4262a9.camel@sipsolutions.net> <YmaFx8xb95jIKrcJ@gardel-login> <5c72e0627209808262e1bbd14ebd3f73eb859907.camel@sipsolutions.net> <4CBF03CA-7A0A-4DBE-AD00-C6F3938FFB55@swagman.org> <62679423020000A100049967@gwsmtp.uni-regensburg.de> <2a780de8-efb2-749b-de43-62978958fb57@swagman.org>
- Follow-Ups:
- References:
- Disallowing fingerprint authentication if pam_systemd_home.so needs a password
- From: Benjamin Berg
- Re: Disallowing fingerprint authentication if pam_systemd_home.so needs a password
- From: Lennart Poettering
- Re: Disallowing fingerprint authentication if pam_systemd_home.so needs a password
- From: Benjamin Berg
- Re: Disallowing fingerprint authentication if pam_systemd_home.so needs a password
- From: juice
- Antw: [EXT] Re: Disallowing fingerprint authentication if pam_systemd_home.so needs a password
- From: Ulrich Windl
- Re: Antw: [EXT] Re: Disallowing fingerprint authentication if pam_systemd_home.so needs a password
- From: juice
- Disallowing fingerprint authentication if pam_systemd_home.so needs a password
- Prev by Date: Re: Antw: [EXT] Re: Disallowing fingerprint authentication if pam_systemd_home.so needs a password
- Next by Date: Re: Antw: [EXT] Re: Disallowing fingerprint authentication if pam_systemd_home.so needs a password
- Previous by thread: Re: Antw: [EXT] Re: Disallowing fingerprint authentication if pam_systemd_home.so needs a password
- Next by thread: Re: Antw: [EXT] Re: Disallowing fingerprint authentication if pam_systemd_home.so needs a password
- Index(es):
 |