Reply to post: finger prints as passwords

Intel, Lenovo officially gone to the dogs – with FIDO fingerprint logins



Just as a counterpoint (which may or may not attract a whole bunch of downvotes).

While I understand the argument of "but you leave your prints everywhere, and you can't change them", I could, with reasonable certainty, write down (one of my) password(s) on Post-it notes and wander around sticking them in various places. Anybody who took the time to find one would have a piece of paper with a random string of characters on it. They would not know who I am, what service the password was for, or the login / username for that service. The password on its own is not much use to them; neither is a fingerprint.

If you are concerned about people following you around and stealing your fingerprints off light switches, on the off chance that they also have physical access to the device(s) that they are registered on, I think you have bigger problems.

Yes, I use the print reader on my phone; I find it quite convenient. The concern that someone is going to lift my fingerprints from somewhere and make a copy is less of a concern than the idea that someone is going to steal my phone, which coincidentally is also pretty slim. When was the last time anyone here had their cash card stolen from them, and the PIN beaten out of them? Not saying it doesn't happen, far from it, just that that is, and always will be, a lot easier than trying to lift / copy a fingerprint from a surface that probably has dozens of overlapping prints, and being able to match it to a person / service.

I'm not saying fingerprints are the best 'I have a hard time remembering my passwords' solution, just that the fear of having them stolen from you is a little dramatic, especially when you consider how many people, when they get the nice friendly box that pops up saying 'would you like me to remember your password', just instinctively click 'yes', at which point anyone who has access to the device no longer needs even the username, as they can just browse to a site and be auto-logged in.

