Google may abandon passwords for 'trust score'

It’s a matter of who you’re protecting things from and why. As Bruce Schneier once said: “Write your passwords on a card and keep it in your wallet”. This made a lot of sec pros cringe. Truth be told, it’s how you protect your credit cards. (At least when the data is “at rest”)

I use a password manager. I’ve got pass phrases memorized for important things like my banking or client sites I need to log into (and I use those pass phrases to decrypt my private key, with asymmetric cryptography, to access the site via ssh).

The only reason I use random crap for security questions is it is the weakest link in the chain. There is no point in using a strong password or cryptographic protocols when the whole thing can be reset if you know my mother’s maiden name.

3 Likes

All my laptops that I have got over the last 10 years have had fingerprint scanners on them.

I refuse to use them because they are easy to fool with gelatine, and I have concerns that they will still work even if my finger isn’t attached to my hand. My devices aren’t worth enough that I am willing to lose body parts for them.

2 Likes

Biometrics can never be used effectively as the only source of identification. As @japhroaig pointed out up thread, they fit into the “Something you are” category. This means if someone can copy it, it’s ruined as an identifier. You never get it back, and you can’t change it.

3 Likes

I’ve actually seen several tv shows and movies that acknowledge that concern.

And I concur; I’d rather that no part of my biometrics ever be used as an “access pass.”

2 Likes

http://news.bbc.co.uk/2/hi/asia-pacific/4396831.stm

1 Like

Case in point.

SMFH

1 Like

I would rather be hacked than type that particular string of letters into a device. :wink:

5 Likes

Aw, c’mon. I went with something “just wrong”, but not horrific.

Like say, “RoadTripWithCruzFiorinaTrumpPalin”.

3 Likes

I tend to use phrases associated with some of the RPGs we have been running. See: “Youdon’tknow,doyou?” or “Somethingweirdhappens”

1 Like

“Yourolltosave,AndGetAOne,ThenYou’reInexplicablyCrushedByAColossalIcosahedron”

5 Likes

It wasn’t the most tragic disaster: that title belongs to this:

And the ship was never “designed to be unsinkable.” The designers never called it that. It was more “as far as it is possible to do so, these two wonderful vessels are designed to be unsinkable.”

1 Like

My wife volunteers at the local library in a computer coaching program. Anyone can sign up to get 45 minutes of 1-on-1 help with basic tasks on their computer / tablet / phone. It is a lot of helping people use email, online photo sharing, message boards, job applications, and helping people set up etsy stores. By far, the number one problem people have is with passwords. Even when people have other problems, she often can’t help them because they don’t remember their passwords, they get username and passwords confused between sites, they forgot their password and created a new account and now have two email accounts, and they don’t understand why sometimes they see some emails and then they are gone when they look at the other account.

There is a large population for whom passwords do not work; in fact, they are literally worse than nothing at all: they are using simple, easy-to-hack passwords but they can’t even access their own accounts. So yeah, I think any attempt to improve that situation is worthwhile, and honestly the people screaming about how dumb an idea it is, or who don’t think there is a real problem to fix here, are simply living in a tech-elitist bubble. Not to mention that the current situation is not even that great for technically literate people. Password managers are better than the alternative, but have plenty of problems.

Obviously this one plan isn’t going to completely solve online identity and authentication for everyone everywhere. But I am certainly happy people are trying rather than just being judgmental on the internet like me.

5 Likes

I’m not sure that following people around based on tracking analytics is the best thing either… I mean, I get where you’re coming from. But it’s just… I’m skeezed out enough that Google basically knows me better than my family and my doctor and my coworkers combined. And maybe it’s dumb to feel that it’s better when they’re not obvious about the fact that they’re tracking me with a higher level of precision than the NSA.

The username+password combo seems relatively ideal in comparison to me. Even with 2FA.

But I know I reacted to this the way I did because I was assuming that google has in mind “no passwords for anyone. Everyone’s continuous tracking will authenticate them, and that’s the end of updating your own security.”

3 Likes

Yes. Yes, yes, yes. One of my bosses is a co-creator of FIDO, and believe me, the technorati aren’t enforcing passwords because we like them. It really comes from understanding that we don’t know who this new invention will disenfranchise. I’m not yelling, just stating what my colleagues and I talk about.

If we move to “who you are”, how do you revoke that when it gets stolen?

Practically I believe “what you have” is the best choice. A card in your wallet, with a weak pin. Easily replaceable, cheap, and easy to use.

6 Likes

Have and know seems like the best combination for most people. Google’s implementation of 2 factor authentication where they text you was a good step in this arena.

Biometrics have a place, but they are dangerous in a world where data leaks are common. Everyone who got their information stolen in the OPM breach, and had a clearance above a certain level, could be framed for a crime.

They all got fingerprinted, and if someone with the leaked information chose to get crazy with it, they could leave false finger prints all over a crime scene.

2 Likes

I am in general very skeptical of biometrics for all the standard reasons, but I now think it has a place to play, in particular for things like mobile device unlocking (and especially not any kind of remote access). It isn’t as secure as a strong PIN/password, but I unlock my phone dozens of times per day. A fingerprint scanner lets me use a stronger PIN than I would otherwise want to use, while providing pretty good protection against the most likely vector of attack: I leave my phone somewhere public and it gets stolen. My understanding is that while my prints are all over my phone, it would actually be hard for a potential attacker to lift a clean print of the right finger on the first try. And if they screw up a few times, the phone will require the PIN, at which point using the stronger PIN will really help, and means I don’t need a really aggressive “N wrong PINs and wipe the device” setting, which is obviously prone to DoS attacks.

As a side benefit, using the fingerprint unlock most of the time reduces the chances that you can figure out a PIN or pattern by the smudges left on the screen from unlocking.

I wouldn’t want to use biometrics directly to access a website or other remote access, but in some cases I am OK with doing that indirectly: using my phone (or other device) as a cryptographic token, and the fingerprint scanner to authenticate to my phone. This could be in conjunction with a password, or alone once the device is already marked as trusted. This only really works for devices that have some sort of hardware secure token chip, but that is more and more things.

3 Likes
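The design in the post above (the fingerprint only gates the local device, the device is the cryptographic token, the PIN is the fallback after a few bad reads, and wrong PINs throttle rather than wipe), as an added example that is not code from the thread, from Google or from any vendor. Assumptions, labelled in the code as well: the failure thresholds and backoff, the use of HMAC as a standard-library stand-in for a hardware-backed asymmetric key (so the server has to hold the same secret, which a real deployment would avoid by storing only a public key), and all sample fingerprints, PINs and nonces, which are constructed. The point to notice is that the remote site never sees the fingerprint at all; it sees a single-use nonce answered with a key the device will not use while locked.

```python
"""Toy phone-as-token model (added example; thresholds, HMAC stand-in and data are assumptions)."""
import hashlib
import hmac
import secrets
from typing import Optional

MAX_BIOMETRIC_FAILURES = 3   # assumption: after this many bad reads, only the PIN works
PIN_DELAY_BASE = 2.0         # assumption: seconds of backoff, doubling per wrong PIN


class Device:
    """Phone-as-token. Nothing here answers a challenge until the device is unlocked."""

    def __init__(self, pin: str, enrolled_template: bytes):
        # Constructed data: PIN kept as a salted PBKDF2 hash, fingerprint template as
        # raw bytes; a real device keeps both inside secure hardware.
        self._salt = secrets.token_bytes(16)
        self._pin_hash = self._hash_pin(pin)
        self._template = enrolled_template
        self._token_key = secrets.token_bytes(32)   # the "what you have"; never leaves the device
        self.unlocked = False
        self.bio_failures = 0
        self.pin_failures = 0
        self.locked_until = 0.0

    def _hash_pin(self, pin: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 100_000)

    def biometric_unlock(self, presented: bytes) -> str:
        """Cheap, frequent path. Returns 'unlocked', 'retry' or 'pin_required'."""
        if self.bio_failures >= MAX_BIOMETRIC_FAILURES:
            return "pin_required"            # even a correct print is refused now
        if hmac.compare_digest(presented, self._template):
            self.unlocked = True
            self.bio_failures = 0
            return "unlocked"
        self.bio_failures += 1
        if self.bio_failures >= MAX_BIOMETRIC_FAILURES:
            return "pin_required"
        return "retry"

    def pin_unlock(self, pin: str, now: float) -> str:
        """Fallback path. Wrong PINs throttle (2s, 4s, 8s, ...) instead of wiping,
        so someone mashing the keypad cannot destroy the owner's data."""
        if now < self.locked_until:
            return "throttled"
        if hmac.compare_digest(self._hash_pin(pin), self._pin_hash):
            self.unlocked = True
            self.bio_failures = 0
            self.pin_failures = 0
            return "unlocked"
        self.pin_failures += 1
        self.locked_until = now + PIN_DELAY_BASE * 2 ** (self.pin_failures - 1)
        return "throttled"

    def answer_challenge(self, nonce: bytes) -> Optional[bytes]:
        """What the remote site sees: proof of key possession, never the fingerprint."""
        if not self.unlocked:
            return None
        return hmac.new(self._token_key, nonce, "sha256").digest()

    def enrolment_key(self) -> bytes:
        # Assumption: with a real asymmetric key only the public half would be shared.
        return self._token_key


class Server:
    """Remote site: hands out single-use nonces and checks the device's answer."""

    def __init__(self, device_key: bytes):
        self._device_key = device_key
        self._outstanding: set = set()

    def issue_challenge(self) -> bytes:
        nonce = secrets.token_bytes(32)
        self._outstanding.add(nonce)
        return nonce

    def verify(self, nonce: bytes, response: Optional[bytes]) -> bool:
        if response is None or nonce not in self._outstanding:
            return False                     # locked device, or replayed/unknown nonce
        self._outstanding.discard(nonce)     # single use
        expected = hmac.new(self._device_key, nonce, "sha256").digest()
        return hmac.compare_digest(expected, response)


def demo() -> dict:
    """Walk the flow with constructed data and return every observed result."""
    good_print = b"ridge-pattern-owner"              # constructed fingerprint template
    device = Device(pin="7391-0428", enrolled_template=good_print)
    server = Server(device.enrolment_key())
    out = {}
    # A thief lifts three smudged prints: each fails, then the PIN is demanded.
    out["bio"] = [device.biometric_unlock(b"smudge-%d" % i) for i in range(3)]
    out["bio_after"] = device.biometric_unlock(good_print)
    out["locked_answer"] = device.answer_challenge(server.issue_challenge())
    out["bad_pin"] = device.pin_unlock("0000", now=0.0)
    out["too_soon"] = device.pin_unlock("7391-0428", now=1.0)   # right PIN, still throttled
    out["good_pin"] = device.pin_unlock("7391-0428", now=3.0)
    nonce = server.issue_challenge()
    answer = device.answer_challenge(nonce)
    out["login"] = server.verify(nonce, answer)
    out["replay"] = server.verify(nonce, answer)   # same answer a second time is rejected
    return out
```

Calling `demo()` shows the three failure modes the post cares about in one pass: a stolen phone with smudged prints ends up at the PIN prompt, a wrong PIN costs time rather than data, and a captured challenge response is useless a second time.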

This. Maybe tied to a commonish login system so you don’t have to have a different card for your bank, each email account, etc. but that has issues too.
My work does it this way. Slide your ID card into the reader and put in your PIN (minimum 7 digits).
You would have to steal the card and know the PIN; either one alone won’t get you anywhere. And I have yet to see anyone with their PIN on a post-it stuffed in the badge holder, as it is way, way easier to remember. I would love for it to be chip+passphrase if possible, just to make a brute force harder, but then you get back to writing things down on post-its.

2 Likes
