Half-baked Discussion
Some friends directed my attention to this news report - “Biometric auth bypassed using fingerprint photo, printer, and glue” https://www.bleepingcomputer.com/news/security/biometric-auth-bypassed-using-fingerprint-photo-printer-and-glue/
It looks like correct in saying "A fingerprint should not be considered a secure alternative to a strong password. Doing so leaves your information — and, potentially, your cryptoassets — vulnerable to even the most unsophisticated of attackers".
But, it’s a half-baked discussion; the above messages comes with such a non-sensical remark as “Fingerprints are a convenient biometric authentication method, but when it comes to critical applications, they should only be used as 2FAs in conjunction with a strong password.”
A very similar argument is found in this report as well – “Your Fingerprint Can Be Hacked For $5. Here’s How” https://blog.kraken.com/post/11905/your-fingerprint-can-be-hacked-for-5-heres-how/
What kind of 2FA?
In the real world, two authenticators are mostly deployed in a security-lowering multi-entrance formation for the sake of availability. I have never seen the two deployed in a security-enhancing multi-layer formation (real 2FA) since the availability would have to be sacrificed (What about the users who can feed correct passwords and yet get rejected by probabilistic biometrics?)
For more, please refer to “Biometrics is to Password what Back door is to Front door”
Key References
Biometrics is to Password what Back door is to Front door
Removal of Passwords and Its Security Effect
Negative Security Effect of Biometrics Deployed in Cyberspace
External Body Features Viewed as ‘What We Are’
Additional References
For Achieving Solid Digital Identity on Information Security Buzz (Mar/2021)
What We Know for Certain about Authentication Factors
Digital Identity for Global Citizens
Image-to-Code Conversion by Expanded Password System
Summary and Brief History - Expanded Password System
Proposition on How to Build Sustainable Digital Identity Platform
Account Recovery with Expanded Password System
History, Current Status and Future Scenarios of Expanded Password System
Update: Questions and Answers - Expanded Password System and Related Issues
< Videos on YouTube>
Slide: Outline of Expanded Password System (3minutes 2seconds)
Digital Identity for Global Citizens (10minutes - narrated)
Demo: Simplified Operation on Smartphone for consumers (1m41s)
Demo: High-Security Operation on PC for managers (4m28s)
Demo: Simple capture and registration of pictures by users (1m26s)
Slide: Biometrics in Cyber Space - "below-one" factor authentication
Articles from Hitoshi Kokumai
View blogOur password headache may well be the consequence of these dual causes - · ‘Use of Impracticable Pas ...
Today's topic is this report - “How blockchain technology can create secure digital identities” · h ...
“Expanded Password System is no bad, but we do not need it. · We can rely on password managers that ...
Related professionals
You may be interested in these jobs
-
Factory Operator/labourer
Found in: Jooble UK O C2 - 4 days ago
Adecco Newhaven, East Sussex, United KingdomFactory Operative · Are you looking for a rewarding role in the manufacturing industry? Our client, a leading manufacturing organisation, is seeking a dedicated Factory Operative to join their team in Newhaven. As a Factory Operative, you will play a vital role in the production ...
-
Field Service Engineer
Found in: Jooble UK O C2 - 12 hours ago
ADR Eng Specialists Ltd Coventry, United KingdomA leading brand in the supply and maintenance of fork lift truck machinery across the UK and abroad. This company offers a service and maintenance package to multiple clients with respect to various fork lift trucks and other material handling equipment are recruiting a Field Ser ...
-
SEN Teacher
Found in: Click to Hired UK C2 - 1 hour ago
Qualiteach Ltd Camden Town, United Kingdom Permanent, Full timeSEN Teacher – Camden – Sept 2024 – MPS / UPS – (salary dependent on experience) – SEN School · * SEN Teacher required in Camden. · * SEN Teacher required for September start. · * SEN Teacher required for an SEN school. · * SEN Teacher - Must have QTS. · Do you have QTS? · Are you ...
Comments
Zacharias 🐝 Voulgaris
2 years ago #1
It's amazing how we as a species now tackle quantum logic while the vast majority of people can't even manage conventional (Boolean) logic, enough to see through the fallacy of the two-door approach to security…