Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Maybe (probably) I’m just ignorant of the actual state of the industry, but it seems to me that biometrics have always been about providing full user authentication. I’m not personally aware of any instance where an alphanumeric password is still required as a secondary authenticator to biometrics.


> I’m not personally aware of any instance where an alphanumeric password is still required as a secondary authenticator to biometrics.

It's straightforward to configure Active Directory / Group Policy to require biometric and password factors for interactive authentication.

The main reason not to allow _only_ biometrics is to disincentivize chopping fingers off (well, it's more because [it's still surprisingly easy to fool biometric systems](https://www.theguardian.com/technology/2014/dec/30/hacker-fa...)).


I mean you're referencing an article from 2014 about a relatively unsophisticated biometric auth system. It's like saying "TSA locks are stupidly easy to pick."

There are extremely high-security biometric auth systems that you would have a much harder time fooling. The high-res retina scanners that take a 3d map of your eye and detect blood flow would be a much better assessment of what's possible.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: