Topic: Apple wants to replace all passwords with biometrics (Read 368 times)

If apple makes it a rule - than obviously people will do it.
But I am not sure why would they want to go to biometric since that might not be possible for the other regions. However may be in coming future they manage to do it.

So, if I want to share my password with someone I would need to cut my head or fingers and pass it over? 

Biometrics is considered as of now slightly less secure than other methods of protection, I would not like to loose my user / pass access, old style, that, until now, has given me zero problems other than an occasional need to reset the passwords and the like.

These technical inventions are good but than to implement them globally is not an easy task. My office started a project of an app - that was huge problem implementing it in other country because of the change in the systems. Maybe in near future this issue will get resolved but not in the near future.

Governments can get a warrant through the judicial system and physically force you to give up your thumb print to unlock a device. Face ID would work the same way. They're not safe for the user.


Apple invests a ton into cybersecurity R&D but no system is impenetrable. Biometrics being stored locally isn't enough if someone were to get hold of the device (ie law enforcement) and bypass any security measures. I wouldn't be concerned about the ordinary person who doesn't have the resources to bypass Apple's own security measures -- law enforcement could probably seek legal avenues to have biometrics scrapped from the device, forcing Apple to cooperate.

With improving technology each day I am sure they will improve and will be in a state where they give zero errors. However I feel there is a bigger threat with biometrics kicking in which is sensitivity of our data. This is giving our facial metrics info and fingerprint scans to a private body, who we don't know what will do with this data point? Today it's not that difficult to fabricate a false fingerprint On a crime scene but I am pretty sure same won't be the case 10 years from now.

I am using some apple products, it really gives a better experience than others. But I agree with the tendency to use passwords like you do, using fingerprint lock or face recognition is really convenient and fast for users. But I feel there is too much risk when someone attacks and hijacks our phones, they don't need to ask for a password, just a few simple steps of putting the phone on our face, they have can be unlocked easily. I am using an old iphone with fingerprint lock function but for the most part I prefer to use passwords for my important apps.

Hah, I wish I share your optimism. The one thing I know about people is that majority will always choose convenience over safety and I already see people all around me using fingerprint scanner instead passwords whenever they can, and the only reason why it hasn't spread more is because its mostly reserved to more expensive mobile phones&laptops  and other tech but soon enough it will spread to lower end and then everyone will use it.


These things don't happen overnight, they are playing the long game.

I don't like and don't use Apple, but I think decisions like this should be based on the desires of users. Do the majority of users support the switch to biometrics?
I personally tend to use passwords and find it a bit unsettling when my own body is used to open things, apps and stuff like that. Also, from fingerprint lock on the phone, I know that it often doesn't read well, and it can be annoying when you need access to something but the fingerprint is read incorrectly many times. Not to mention that yes, there's plenty of hardware that doesn't have fingerprint support, so it's very elitist, like Apple always is.

What makes Apple customers confident that they can even protect themselves? especially when they are carrying their device in a semi-conscious state due to the influence of drugs and alcohol at a party, biometrics are even easier to hack imo. Instead of learning hacking techniques, you just need to learn basic pharmacy science to anesthetize Apple users.

Now with AI technology can replicate a person's face that is close to the original.

What Apple has done we need to appreciate and indeed there have been many cases of security using compromised passwords,
sometimes when we use phrases that are difficult to guess, things like that still happen because hackers are also very skilled at doing that

One word is enough to summarize this proposal: HA!

Attempting to replace passwords with fingerprints && facial recognition is never going to succeed, no matter who tries. There will always be a voiceforous population using the devices that will never consent to using these methods of authentication for privacy or usability reasons (e.g. what happens when you're wearing gloves during winter, or sunglasses), and since Apple is the one implementing this, it's guarranteed to fail because they never look beyond their own product ecosystem.

Maybe they get a few million people to use it, but nobody is going to be able to not only force websites to implement such an authentication BUT SIMULTANEOUSLY force users to change their passwords at the same time.

Talk about a fighter jet that's blown up before it even takes off...

---

You want true alternatives to passwords, at least for desktop logins? Then use an adapation of SSH, a proven method of authentication (no-one has ever been able to crack a 4096-bit RSA key yet). Adapt it by putting them on USB sticks, memory cards, and other portable media with a special filesystem. Then when the device is inserted into the computer, the OS automatically sees the private key, and mashes it against the public key and authenticates you.

For added security, use modifications of seed phrases or diceware as a secondary login method, where the user can input 8-12 words words from a fixed bank of 10,000 or so words that users are advised to write down and store in a safe place like a wallet (yes this will make this login method vulnerable to theft, but it makes the most prevalent method of break-ins - remote brute-forcing - impossible! )


Last method can be ported to mobile devices, and so can the first one if such a standard is adapted to authenticate using a Bluetooth private key authentication device as well! (Just hold the device anywhere near the lock screen while pressing a certain "Authenticate" button on the key device.)

Biometric security actually sucks, recently I watched a video in the YouTube not sure about the device they used but it is recently launched and successful so probably Samsung if I am not wrong. While scanning the finger print in the first place we need to scan multiple times atleast 5 before setting up the finger print so they decided to scan five people's thumb for the one finger print but the result is five people managed to unlock the device with only one finger print setup.

So its less secure than passwords so don't go for it and I don't think they will enforce it completely to go with only biometric security system for their devices.

Btw
Would you be okey using biometrics to lock-unlock your personal devices if your data were localy stored instead in custody of a big tech company?

That is part of the essence of human advance through history, after all: seeking comfort and ease. I'd dare to say that in the end, science and engineering ultimate goal is to put laws of the universe at the service of humanity to make our short lifespan as comfortable as possible, of course this is the ideal point of view, we know there are hidden interests and wishes for massive profits.

What i am trying to say is that Apple knows that anything that makes users lifes at least a lil bit easier has a high chance to succeed, even though, people ignore they are giving up part of their identity in exchange of saving a few seconds to type a password/use two factor authentication.

What is wrong with these guys @Apple, that a user chooses what is secure for him or her and it happens to be 12344 or 123456789, what then is there concerns about it. Should they go "*÷€÷&fsjvcak÷*÷^:÷fdgebrova&"$×( only to forget it Immediately after they've created it? They ought to live users to decide what is convenient for them. Bes the know, they are offering the service and users makes use of it the way that suits best with them.

Biometrics isn't a 100% as there could be fowl play and some smarty pants will surely come up with ways to cheat the system which I think, would be all too easy compared to password combinations. Apple uses mainly passcode in place of password, they should ensure proper passwords that are supposed to be Alphanumeric.

I think there's less of an incentive to hack the current biometrics used though (unless you mean by bypassing them - and I think there are still vulnerabilities that are found in their login process, a 6 digit pin in fairly easy to crack though if you've got another device to host the bruteforce attack - I don't think it's possible to use biometrics as soon as you turn on most devices for example and with apple, you can't use biometrics if you've held down the power button for a long enough time to end up on the confirm shutdown screen).

Being able to get access to every account somenoe has is a lot more useful to an attacker than gaining biometric info.

I think it's Simple and secure by describing the Password Lock technology. A passkey increases your security by eliminating the need to store and use passwords. That's a good thing because passwords are notoriously insecure. Many people use phrases that are easy to remember and can be guessed easily. So what Apple has done is an incremental act of upgrading, then hackers will be harder to break into

Indeed, it is enough that once your biometric data falls into the hands of scammers, and this is where your privacy will end. I'd rather change my password than give my biometrics to some scammer. And I'm not one of those people who put passwords like 12345 and so on. Crazy people. 

Without a doubt those which have no problems with a private company having all their biometric information or that are not worried about such information getting leaked are free to use a service like that, however the issue is that now it seems passwords are not going to be an option in the future, when passwords have many advantages, not only they can be incredibly secure you can use a lot of them which means that if one account is compromised you only lose whatever was in that account and not everything as it will be the case with biometrics.

Security issues are increasing because more and more data theft, this has become the most important thing for many companies so that various ways are done to ensure data security, what Apple is actually doing is not the first idea, because I've heard many companies have ideas for security, namely by biometrics for PIN or password.

Biometrics are just as effective as passwords, but for security there are special features like those found in Apple's biometric sensors. That is, it will not work if the subject dies.
and the mechanism can be said to be difficult, there is a weak current sensor that distinguishes living and dead body tissues. What is clear, surely the price of research and production is expensive.
If commonly used biometrics are relied on as privacy protections, then the vulnerability of crime increases, perpetrators could cut a finger or kill to forcibly unlock on condition that the account holder refuses to log in although it is unlikely, but reasonable if possible. something.
and on the other hand it is very dangerous in terms of cybersecurity, because if our data is hacked then hackers can ensure the validity of our data very accurately because biometric login and lock out activities can only be carried out by the subject recognized by the device.
There will be good and bad sides depending on who uses it whether it is important or not and whether we have to keep something valuable in it.