I agree, except the idea of passwords being compromised is far easier than
a password.  The use of passwords especially the 4 digit pins that secures
our banking info is ludicrous.

I am very fond of using NFC lock on a electronic device like a phone, then
use fingerprint on the phone.  A key is no good without a lock, and a lock
is no good without the key.

So, placing the unlock on the phone, with the secondary unlock being
biometric makes far more sense.  If the biometric was used with a key on
the device to generate a consistent new key, (think of the fingerprint
being the salt of an encryption algorithm), this would be very secure.
Steal my fingerprint, and without they key (on the phone) and it does you
no good.  Steal the phone without  the fingerprint, and it does you no
good.  Now you need a double breach to compromise your data.

While nothing is 100% the use of fingerprint and key is a huge improvement
over current systems or anything mentioned in this article.

The biggest issues with passwords is that if they are not easily
remembered, users write them down, or use a password tool like Last Pass or
1Password.  If they are easily remembered, they are easily guessable.
Therefore the use of passwords is inherently flawed.  Biometrics can't be
guessed.

Just my $0.02

Kevin
On Nov 22, 2014 12:41 PM, "Paul Mooring" <paul@getchef.com> wrote:

> This article makes some excellent points about using fingerprints as
> authentication, but I find it's conclusion of continuing to use passwords a
> bit suspect. The chances of your fingerprint being compromised are real,
> but no more real than the chances of your password being compromised (brute
> force, rainbow tables, weak hashing/no salt).  In my opinion the take away
> should be use 2 factor auth all the time and I also think fingerprints can
> be an excellent form of 2 factor auth (I forget my phone/2FA device more
> than I forget my fingers).
>
> On Fri, Nov 21, 2014 at 11:43 PM, der.hans <PLUGd@lufthans.com> wrote:
>
>> moin moin,
>>
>> biometrics aren't secret enough or flexible enough to use in place of
>> passwords.
>>
>> http://blog.dustinkirkland.com/2013/10/fingerprints-are-
>> user-names-not.html
>>
>> ciao,
>>
>> der.hans
>> --
>> #  http://www.LuftHans.com/        http://www.PhxLinux.org/
>> #  Data restorals via Freedom of Information Act requests.
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>
>
>
> --
> Paul Mooring
> Operations Team Lead
> Chef
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>