Fingerprints are not passwords

Biometrics were never authentication tokens. They were identity tokens. Authentication tokens are secret and replaceable, and your fingerprints (your retina, your iris, and so on) are neither.

When you authenticate something even slightly sensitive with biometrics, you’re doing it wrong.

The right way to do it is to identify with biometrics, and then authenticate with a proper security token, which is secret.

Falkvinge: Once more, with passion: Fingerprints suck as passwords »

No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.