Comment on Microsoft’s Windows Hello fingerprint authentication has been bypassed
psudojo@infosec.pub 7 months ago
im all for the something you have + something you are , pb&j relationship, but i dont think lathering biometrics on top is a good idea,far too many spy movies have shown Tom Cruise doing the MOST for pictures of eyeballs and fingerprints for me to ever trust this type of auth
Herowyn@jlai.lu 7 months ago
The main issue with biometrics is that you can’t change them. If your fingerprints or retina are compromised you’re fucked.
MostlyHarmless@sh.itjust.works 7 months ago
Unless I meet you in person, I’m not going to get your biometrics. The point of these is to protect your accounts from the global Internet.
xkcd.com/538/
Herowyn@jlai.lu 7 months ago
It doesn’t need to be physical breach. If it’s stored somewhere it can (and might) be accessed by someone else and reconstructed.
MostlyHarmless@sh.itjust.works 7 months ago
And still useless unless they also steal your phone. You are still safe from the hackers on the other side of the planet