Submitted via IRC for TheMightyBuzzard
A global study from IBM Security examining consumer perspectives around digital identity and authentication today, found that people now prioritize security over convenience when logging into applications and devices.
Generational differences also emerged showing that younger adults are putting less care into traditional password hygiene, yet are more likely to use biometrics, multifactor authentication and password managers to improve their personal security.
With millennials quickly becoming the largest generation in today's workforce, these trends may impact how employers and technology companies provide access to devices and applications in the near future. Overall, respondents recognized the benefits of biometric technologies like fingerprint readers, facial scans and voice recognition, as threats to their digital identity continue to mount.
Source: https://www.helpnetsecurity.com/2018/01/29/authentication-today/
(Score: 3, Insightful) by DannyB on Tuesday January 30 2018, @09:24PM (2 children)
I am in agreement with the parent poster that biometrics are not a replacement for the other two factors. (He says the password.) But I'm okay with biometric in addition to other factors.
And your user name or user id (one of the typical fields along side password) is NOT one of the factors. Because anybody can know your user name / user id.
Biometric IS useful for certain applications. I find it incredibly useful to unlock my phone. It is my choice to enable that for my convenience. In this case, it is effectively "a button" to turn on the phone, but it only responds to my finger.
The lower I set my standards the more accomplishments I have.
(Score: 2) by darkfeline on Wednesday January 31 2018, @06:36PM (1 child)
Biometrics is not okay as an additional factor. Biometrics functionally can only play a role as an identifier, which as you say, is NOT a valid authentication factor. Because anybody can know and reproduce your fingerprint/face, etc.
>I find it incredibly useful to unlock my phone.
Naturally, because it is convenient, not secure. It is even more useful to not lock your phone at all and proportionally less secure.
Join the SDF Public Access UNIX System today!
(Score: 2) by DannyB on Wednesday January 31 2018, @08:04PM
Actually it is inconvenient to not lock your phone. Too often the phone gets activated in your pocket and then all sorts of havoc ensues. So on my previous phone I used an unlock pattern. I got so used to it that every single time I wanted to use my phone, I had to swipe the pattern. Then I got the fingerprint reader and all was wonderful.
I don't think of it as secure. If I really were after secure I would be using a real password. I find the fingerprint "button" convenient, because it is like going back to just having a simple unlock button that you press, but it is the fingerprint reader. A touch and the phone wakes.
The lower I set my standards the more accomplishments I have.