Reply to post: Replacing my passwords...

Microsoft promises end-to-end encrypted Teams calls for some, invites you to go passwordless with Azure AD

chuckufarley Silver badge

Replacing my passwords...

...With bio-metrics just means that the bad actors will need to learn how to spoof bio-metrics. How would this compare to enforcing the managed use of lengthy, randomized that are changed on a regular basis?

One huge benefit of using bio-metrics is that over time it limits the amount of data that needs to be processed in order to authenticate a user. Another is that no one (to my knowledge) has come up with a quick way to spoof bio-metrics...yet. However, our finger prints rarely change. The same is true for our faces. Once a bio-metric measurement has been cracked it should be considered insecure for the foreseeable future. In my opinion if passwords are long enough, random enough, changed often enough, and are securely hashed they will remain superior to bio-metric authentication, but perhaps inferior to using bio-metrics as 2FA with strong passwords.

Instead of trying to chase this Holy Grail I think Microsoft would be better off spending it's money learning how to apply the Shannon Limit to Dev Ops in order to reduce the number of bugs in released code to something close to zero. I think that Grail is more Holy than passwordless authentication..

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon