Enjoy a comfortable sense of security; a false one, though

“Apple to let you sign up for services with Face/Touch ID instead of passwords” https://mashable.com/article/apple-passkeys/?
It reads "In a WWDC developer session titled "Move beyond passwords," Apple engineer Garret Davidson shows a new feature, allowing users to sign up for new online services using Face ID or Touch ID instead of a password. "
Hearing big players like Apple uttering ‘cryptographic keys’, many people might well automatically feel safe. However, the fact is the addition of cryptographic keys does not make up for the absence of passwords.
The outcome is a false sense of security; You feel as if you were safer when you are actually less safe. This could often be even more detrimental to safety than known absence of security.
Where we need solid security, we need to deploy a solid password for defending the cryptographic keys. Our observation is explicitly outlined here – “Removal of Passwords and Its Security Effect”
……………………..
Well, you might now ask “What can we do to solidly defend cryptographic keys by our secret credentials?
Our answer is to re-generate the keys from our episodic image memory on the fly as outlined here – “Try and experience the simulation of ‘On-the-fly Key Regeneration’ by yourself”

Key References
Account Recovery with Expanded Password System
For Achieving Solid Digital Identity on Information Security Buzz (Mar/2021)
What We Know for Certain about Authentication Factors
Digital Identity for Global Citizens
Image-to-Code Conversion by Expanded Password System
Summary and Brief History - Expanded Password System
Proposition on How to Build Sustainable Digital Identity Platform

Additional References
Removal of Passwords and Its Security Effect
Negative Security Effect of Biometrics Deployed in Cyberspace
External Body Features Viewed as ‘What We Are’
History, Current Status and Future Scenarios of Expanded Password System
Update: Questions and Answers - Expanded Password System and Related Issues
![“Expanded Password System
wane = Only I can select all of
BS] them correctly
Broader choices with both images and characters accepted
i
Easy to manage relenons between accounts and corresponding passwords.
&
Torturous login is history. Login is now comfortable, relaxing and healing
BO
250
08](https://contents.bebee.com/users/id/13855668/article/enjoy-a-comfortable-sense-of-C3kfLmCC5zM5/QO90N.jpeg)
< Videos on YouTube>
Slide: Outline of Expanded Password System (3minutes 2seconds)
Digital Identity for Global Citizens (10minutes - narrated)
Demo: Simplified Operation on Smartphone for consumers (1m41s)
Demo: High-Security Operation on PC for managers (4m28s)
Demo: Simple capture and registration of pictures by users (1m26s)
Slide: Biometrics in Cyber Space - "below-one" factor authentication

.
Articles from Hitoshi Kokumai
View blog
Some friends directed my attention to this news report - · “Biometric auth bypassed using fingerpri ...

The quantum computer held in a bad guy’s hand is indeed a big threat. So is the artificial intellige ...

There is actually a valid methodology that enable us to maximize the entropy of the secret credentia ...
Related professionals
You may be interested in these jobs
-
Customer Delivery Driver
Found in: Talent UK - 3 days ago
Tesco Yeovil Full time - permanentAbout the role · Availability Window · Customers are at the heart of everything we do. · As the face of Tesco out on the road, we deliver all the way from Lands' End to John O'Groats. Our Customer Delivery Drivers get the opportunity to meet and talk to different customers in the ...
-
Student Recruitment Manager
Found in: Talent UK - 5 days ago
BPP London PermanentVacancy details · Applicants must provide evidence of their right to work in the UK as BPP is unable to provide visa sponsorship · Job Profile · Marketing - Brand & Content · Title · Student Recruitment Manager (London & South East) · Contract Type · Permanent · Job Purpose ...
-
Toolmaker
Found in: Jooble GB - 2 days ago
Holt Recruitment Group Limited Ferndown, Dorset Full timeTOOLMAKER · TOOLMAKERSALARY: CIRCA £35K DoE Do you enjoy a varied role where no 2 days are the same? Are you best when kept busy across multiple machines? Do you enjoy working with a mix of small - medium batches and prototype work? If so, keep reading, I have the perfect role fo ...
Comments
Hitoshi Kokumai
1 year ago #2
Some people, perhaps with Apple included, are just indifferent to whether two authenticators are used in a security-enhancing ‘two-layer’ deployment or in a security- lowering ‘two-entrance’ deployment. Those people would not hesitate to allege that the combination of (1) biometrics OR default pincode AND (2) asymmetric key pairs provides a higher security than the combination of (1) pincode AND (2) key pairs, although the fact is the opposite.
Zacharias 🐝 Voulgaris
1 year ago #1
I've heard of biometrics as a token-based authentication mechanism, but I didn't think anyone would actually use it instead of passwords, on a device that's this vulnerable (according to a certain CS expert anyway, who lives in exile still). Whatever happened to 2-factor authentication?