Author

Topic: How secured is fingerprint lock on wallet? (Read 475 times)

legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
April 04, 2022, 11:53:31 AM
#45
But the problem with a hardware key is that it can also be stolen with the mobile device.
Hardware wallets are not mobile phones, they contain the keys used to hold coins. Although, the most important is your seed phrase (+passphrase if included) which can be used to regenerate your keys and addresses. Hardware wallets are portable and can be carried about, but this is not advisable.

They can steal the suitcase, where you have your documents, smartphone, keys, and even the hardware key.
Have your hardware wallet in the best possible place you think it is safe (not inside safe or places that can be easily noticed by thieves). Like I implied above, the most important is your seed phrase (+passphrase if included).

One thing you have to be aware of, when you physically steal equipment, a good part of the security we have in them can be compromised.
All care is little.

When something like that happens, we should change passwords and pins as soon as possible, and if in accounts and applications where possible, log off remotely.
If your hardware wallet is compromised, best to send your coins to another address generated by another offline wallet. An offline wallet like paper wallet can be created immediately and send your coins to an address or addresses generated by the paper wallet  and later buy another hardware wallet.

It is advisable to use passphrase with hardware like Trezor, because even if the seed phrase is revealed to the offline attackers, the attacker will not still able to compromise the wallet because different keys and addresses are generated due to the passphrase added to it. Adding passphrase is another protection, but it is needed along with seed phrase during recovery.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
If you want more secure than passwords or codes, then a hardware key is the way to go.

I agree with you.

But the problem with a hardware key is that it can also be stolen with the mobile device.
They can steal the suitcase, where you have your documents, smartphone, keys, and even the hardware key.

One thing you have to be aware of, when you physically steal equipment, a good part of the security we have in them can be compromised.
All care is little.

When something like that happens, we should change passwords and pins as soon as possible, and if in accounts and applications where possible, log off remotely.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
We should start thinking about ways to increase the security of access to accounts, but that this is also done in a simple and secure way.
Is this something possible?
They are all very useful, only sim authentication, email authentication, fingerprint and face scanner are not recommendable. Pin and password for attackers not to be able to have access to your account, 2FA authenticator as an extra layer of protection in case your account login details has been compromised but 2FA OTP required to withdraw. Even 2FA OTP would most likely be demanded for if an attacker wants to login with another IP address and/or another device.

More secure still is 2FA using a hardware token, such as a YubiKey. To compromise your account an attacker would need to be able to steal or brute force your password, as well as be able to physically steal your hardware key. This is exponentially more difficult than simply gaining access to an email account. Even in most cases, new 2FA would b demanded for if new device want to sign in.
Yes, no internet access or other connection, it is actually one of the safest.

The security features of Yubikey are far more beneficial than regular TOTP and 2FA on mails and SMS
Sim and email authentication are not even safe but 2FA using open source apps like Aegis on airgapped device is also safe. Just that using Yubikey can be safe for newbies that are not savvy enough to setup 2FA appropriately.

---snipped---
People should look towards the disadvantage especially if wallet apps can also be accessed using only fingerprint without pattern, pin or password required. Some of the wallet offline hack these days could be as a result of fingerprint. Most people just set it up without thinking about its disadvantages.
legendary
Activity: 1288
Merit: 1081
Goodnight, o_e_l_e_o 🌹
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?
Using a fingerprint lock did not add extra security to your seed phrase or wallet, but it reduces the security and safety of your mobile device and wallet. Example is when you are sleeping, only your finger is needed to unlock your mobile device if you enable fingerprint lock, this will be able to bypass the password or pin, someone can use this opportunity to compromise your device and wallet when you are sleeping. In case of many other attacks, only your finger print would be needed to unlock your device.

With this, I will advice you to just use only password or pin which protect your mobile device than finger print because once a finger print is enabled, your password or pin can be bypassed in most cases. Fingerprint is easy to use but does not add to security and reduce the security of your device.
You narrated the disadvantages of the finger print which is correct. But there are underlying advantages you overlooked. Yes! It is true that finger print does not in any way secure the seed phrases but finger print adds another layer of security and also do these two things below;
1. Some people's memory fail them faster and often, with finger print you will beat that challenge. Like my blockchain and trust wallet pins are more than 4 digits, I can't remember them anymore. But I wrote them down somewhere safe, but I have always been assessing them with my finger print.
2. Again, I might be with my friends or relatives and would want to access my wallet, I wouldn't be hiding to input my password or pin. I'll just use my fingerprint.
These are some of the advantages of fingerprint
legendary
Activity: 1974
Merit: 2124
If you consider something like SMS or email 2FA, then such things are very insecure. Often people access these on the same device they are using to log in to the account in question (a phone). Often if one of these things is compromised, then both factors can be compromised, meaning it is not really 2FA at all. An example is an attacker gaining access to your email account; they can now send a password reset email and receive your 2FA code via email, rendering email 2FA useless.
Exactly most of the people have the apps and 2FA security on same device.The device going in wrong hands is usually risky because the 2FA code is with them,if you have some OTP based system then sim card is there and most of them have the exact mail being used in logging in to some apps which is being used in their app store or already logged in mobile.So the risk is at full level.I would recommend using proton mail for security purposes but don't forget password about them.The best is secure your device at the first stage.

2FA using a TOTP generated from a separate device (even better if this device is airgapped) is far more secure.
Although it also has certain limitations but still better than SMS security and as you said on different devices with airgapped system.

More secure still is 2FA using a hardware token, such as a YubiKey. To compromise your account an attacker would need to be able to steal or brute force your password, as well as be able to physically steal your hardware key. This is exponentially more difficult than simply gaining access to an email account.

If you want more secure than passwords or codes, then a hardware key is the way to go.
That's the best thing you could use as authentication and save yourself from phising attacks because if you are using hardware devices as security purposes the risk factors already reduced unless someone gains access to you keys in real life.But you should create backup codes also in case you have lost but it should be offline.

The security features of Yubikey are far more beneficial than regular TOTP and 2FA on mails and SMS as you could have long codes setup and no need to manually type the code as you just have to press the button on the device to login.Every yubikey is also unique so you don't need to worry about it.But it should be remembered there are risk if we are careless.

Yubikey

The security can be compromised on our end but we should always focus on maximising it because once fund lost it's impossible to get them back.We need to be updated with the latest technology to some possible extent we can.
legendary
Activity: 2268
Merit: 18711
These factors, which you mentioned, show that although 2FA is a good security system, it is not the most practical and the best.
Not all 2FA is created equally.

If you consider something like SMS or email 2FA, then such things are very insecure. Often people access these on the same device they are using to log in to the account in question (a phone). Often if one of these things is compromised, then both factors can be compromised, meaning it is not really 2FA at all. An example is an attacker gaining access to your email account; they can now send a password reset email and receive your 2FA code via email, rendering email 2FA useless.

2FA using a TOTP generated from a separate device (even better if this device is airgapped) is far more secure.

More secure still is 2FA using a hardware token, such as a YubiKey. To compromise your account an attacker would need to be able to steal or brute force your password, as well as be able to physically steal your hardware key. This is exponentially more difficult than simply gaining access to an email account.

If you want more secure than passwords or codes, then a hardware key is the way to go.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
Here is the problem with 2-factor authentification that you mentioned. Many people don't use it as such. 2FA is only effective if the device you receive your codes on is separate from the device you use when you are logging in to a site or service. For example, if you log in to an exchange via your PC, your mobile phone can be a 2FA device. But if you are using your phone to access your exchange account and that same phone stores your 2FA codes, that's not a proper use of the second factor. You need a secondary phone for your 2FA codes. That way, both devices need to be compromised for someone to hijack your 2FA-protected accounts. Accessing everything from one device is a 1-factor+ authentification system. 

These factors, which you mentioned, show that although 2FA is a good security system, it is not the most practical and the best.

I think you have to start thinking about ways to access accounts, better than passwords, codes, 2FA, etc, since they are increasingly outdated methods and require users to access platforms more and more complicated/difficult.

We should start thinking about ways to increase the security of access to accounts, but that this is also done in a simple and secure way.
Is this something possible?
legendary
Activity: 2730
Merit: 7065
It does add an extra layer of protection on your part. Think of it as like a 2-factor authenticator; before you can log-in with your account, it asks for more information and authenticator by inputting the code sent to your phone/email.
Here is the problem with 2-factor authentification that you mentioned. Many people don't use it as such. 2FA is only effective if the device you receive your codes on is separate from the device you use when you are logging in to a site or service. For example, if you log in to an exchange via your PC, your mobile phone can be a 2FA device. But if you are using your phone to access your exchange account and that same phone stores your 2FA codes, that's not a proper use of the second factor. You need a secondary phone for your 2FA codes. That way, both devices need to be compromised for someone to hijack your 2FA-protected accounts. Accessing everything from one device is a 1-factor+ authentification system. 
legendary
Activity: 1624
Merit: 1200
Gamble responsibly
suggest you go retro and use a pin and password to have full control of your wallet at all times, even when you're asleep.
That is true, it is better to use a password instead, using fingerprint is not safe like using password, but the security is not about control. If you are talking about control, what about people that are using custodial wallet, no matter how their device security is, they are using a centralized wallet and do not have full control. Having on password is just about security.
newbie
Activity: 18
Merit: 0
It is better to be safe than sorry. Adding a layer to your security only protects you from further risk since there are many fraudsters or scams out there, you can never fully trust anything. I suggest you go retro and use a pin and password to have full control of your wallet at all times, even when you're asleep.
hero member
Activity: 952
Merit: 555
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?

This can only add more to the security of your wallet if you are using a 2fa verification, meaning that it will require your fingerprint first to access imputing the password, but I will advise you to always have two security measures to log into your wallet, things can be wrong with your hand or scanner atimes and the mobile as well can develop fault with time, but having a 2fa verification will guarantee maximum protection to your wallet.
hero member
Activity: 2268
Merit: 789
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?

It does add an extra layer of protection on your part. Think of it as like a 2-factor authenticator; before you can log-in with your account, it asks for more information and authenticator by inputting the code sent to your phone/email.

Like what Rikaflip also mentioned, it is also a matter of convenience on your end where you get to see your BTC wallet balance on your account. The best way of getting protected is still not spilling your private keys in your wallet except to one trusted member of your family to add a layer of contingency in the event that some unfortunate event happens.
member
Activity: 405
Merit: 19
Fingerprint locks on mobile phone will keep people away from operating your phone at your back but mind you it has nothing to do with keeping your recovery seed or private key safe.
hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?
In my opinion biometric security is less secure compared to the random long password because someone can force you to out fingerprint but getting password out of your head is almost impossible unless you tell them. But no matter what kind of password either its random characters or fingerprint you have to be careful if you hold millions worth of cryptocurrencies there.
legendary
Activity: 2492
Merit: 1215
Everyone saw in movies how it is easy to create a copy of a fingerprint with just a adhesive tape. With a use of 3d printer, I think it is possible to create a copy of persons finger.

Fingerprint protection is not insured against cases, when a person looses finger, or fingerprint becomes unreadable. It can be burned by acid, or you can get multiple skin cuts and you would have to wait days or weeks before recovery. I would not take such risk.

Not everything is as simple as it appears in the movies.


I know, but this is the first step to start trying to trick recognition system and sensors. If we already think about several ideas how to bypass such security, and DroomieChikito even tried some of the tricks, then people with resources can achieve more. I think that if security system has already weak points during discussion period, then it is no use using it, as criminals creative mind will find a way to bypass it.
hero member
Activity: 994
Merit: 744
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?

It's a form of adding extra security to your wallet, meaning you are trying to avoid everyone from seeing you wallet balance. Wallets like trust wallet, phone fingerprints is not enough for security because supposing you add your private key to the Trust wallet, once someone is able to access your top security on the Trust wallet, he or she can have access to your private key, which is not safe.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
I watched on youtube, That HW is replaced the PIN Function with a fingerprint. That's good progress I think. I hope when fingerprints not functioning properly, they have a backed manual PIN.
Although, not a new technology but yes, it is a good progress to many people, but not to people that are conscious about security, because such people will decide not to use it as it makes their hardware not to be secure at all. Going for only pin would be the better way.

That is the point, I still don't believe all the tricks done by the movie. I ever try what the movie did, I tried to duplicate my fingerprint using silicone, but it didn't work when trying on my phone. It also depends, on when the all-important thing is inside, I think the user will keep his finger safe from burning.
There are a lot that still happening in movies, like plucking someone eyes for eyes recognition and also plucking someone's finger for fingerprint recognition. These two can work out. Yet best to go for Pin, password or pattern.

The easier it becomes the lesser the security.
legendary
Activity: 1722
Merit: 5937
I don't know why too many people didn't believe the fingerprint technology, it has been widely applied in all aspects and security, If that technology has not safe, no one is developing it anymore. it's the same as a PIN or Password, it also depends on how much care you protect.
I don't think that its the same as a PIN or password protection. While you can make it much harder or almost impossible for thieves to penetrate your phone/wallet by using a proper password, you can't do anything about your fingerprint. Phone scans it and that's about it, there's no way for you to make it more sophisticated and there lies the problem.

In crypto wallets, the fingerprint function is only to provide speed for transactions carried out without having to manually use a PIN
That's not necessarily true. For example, if you enable biometrics in some mobile phone wallets like Blockchain, it automatically offers it as way to log in into wallet meaning you just made it less secure.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
Actually, you don't even need special tape at all. A simple phone camera and a 3D printer were enough to create a working fingerprint replica simply from a photo of a fingerprint which could fool even ultrasonic scanners, and all in <15 minutes: https://imgur.com/gallery/8aGqsSu

I don't know about you, but I don't fancy having my phone or my wallets secured by something which can be reliably broken in 15 minutes. I'll stick to my long and complex passwords which will take several millennia to brute force, thanks.

What I'm saying is that for this whole process, it's necessary to steal the phone and fingerprint. This demonstration was done under ideal conditions. Of course it does. And don't forget that the system used in most smartphones is far from the best fingerprint technology.

Either way, I'm not saying fingerprints are more secure than PINs or passwords.

In addition, even the latest technology can unlock phones, if you have access to the hardware. No matter what security system you use, if the criminal has access to the hardware, he may be able to access your data if he has the right tools.

The warning I give is that the person consciously uses the technology at his disposal.
legendary
Activity: 2730
Merit: 7065
A more worrying thing to me is not that someone can steal my crypto by unlocking my phone while I am asleep, but who could get access to those fingerprints if they were leaked. Smartphones are apparently not storing biometric data in some centralized servers somewhere in the world. It's said that the fingerprints get encrypted and stored locally on your phone. But who can verify and trust that information just because they claim that is the truth?

Smartphones look like the perfect honeypots to gather fingerprint info on millions of users worldwide. Not only that, but we give phone apps the permissions to access storage, data, and other things. Who knows what data Google, Facebook, and other companies are acquiring from our phones!?
hero member
Activity: 2520
Merit: 783
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?

The risk is when your hands is severely injured and you cannot do finger print unlocking but if you are confident that there's nothing will happen to you, also you can spend less time to do unlocking just for the sake of security then do it if you can feel more secure for doing tha. But for me I will just make sure my phone is well secured and away from burglars or other things that can harm it since I find those thing hassle especially when keeping up opening my phone from time to time.
legendary
Activity: 2268
Merit: 18711
Not everything is as simple as it appears in the movies. In addition, it is not enough to take the fingerprint with an adhesive tape, nor a simple 3D printer. Even in the movies, a combination of necessary techniques is shown, which is not easy for most people.
Actually, you don't even need special tape at all. A simple phone camera and a 3D printer were enough to create a working fingerprint replica simply from a photo of a fingerprint which could fool even ultrasonic scanners, and all in <15 minutes: https://imgur.com/gallery/8aGqsSu

I don't know about you, but I don't fancy having my phone or my wallets secured by something which can be reliably broken in 15 minutes. I'll stick to my long and complex passwords which will take several millennia to brute force, thanks.
legendary
Activity: 2366
Merit: 2054
In crypto wallets, the fingerprint function is only to provide speed for transactions carried out without having to manually use a PIN. and for security remains on the private key wallet storage. It is even safer to use a hardware wallet, because mobile wallets are more susceptible to viruses even though they use fingerprints. Hardware wallet that applies Fingerprint Biometric technology that I know is D'CENT
https://dcentwallet.com/
I watched on youtube, That HW is replaced the PIN Function with a fingerprint. That's good progress I think. I hope when fingerprints not functioning properly, they have a backed manual PIN.

I don't know why too many people didn't believe the fingerprint technology, it has been widely applied in all aspects and security, If that technology has not safe, no one is developing it anymore.

What about such technology only being demanded, because it is convenient for users? It is not most safest, but most convenient to use for a regular user. If technology nowadays allow to use such security method, then same modern technology allow to bypass it or create a copy of persons fingerprint. Everyone saw in movies how it is easy to create a copy of a fingerprint with just a adhesive tape. With a use of 3d printer, I think it is possible to create a copy of persons finger. 
That is the point, I still don't believe all the tricks done by the movie. I ever try what the movie did, I tried to duplicate my fingerprint using silicone, but it didn't work when trying on my phone. It also depends, on when the all-important thing is inside, I think the user will keep his finger safe from burning.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
Everyone saw in movies how it is easy to create a copy of a fingerprint with just a adhesive tape. With a use of 3d printer, I think it is possible to create a copy of persons finger.

Fingerprint protection is not insured against cases, when a person looses finger, or fingerprint becomes unreadable. It can be burned by acid, or you can get multiple skin cuts and you would have to wait days or weeks before recovery. I would not take such risk.

Not everything is as simple as it appears in the movies. In addition, it is not enough to take the fingerprint with an adhesive tape, nor a simple 3D printer. Even in the movies, a combination of necessary techniques is shown, which is not easy for most people.

Real life is not so lively, and there are no high-tech criminals around the corner. Doing this type of theft requires extreme planning and is not an occasional theft. And in this case, no matter the security technology used, in such a plan there will always be a way to overtake.

In addition, the fingerprint never works alone, there is always a pin or password associated with it. If there is a problem with the finger, there is always an alternative.


legendary
Activity: 2492
Merit: 1215
I don't know why too many people didn't believe the fingerprint technology, it has been widely applied in all aspects and security, If that technology has not safe, no one is developing it anymore.

What about such technology only being demanded, because it is convenient for users? It is not most safest, but most convenient to use for a regular user. If technology nowadays allow to use such security method, then same modern technology allow to bypass it or create a copy of persons fingerprint. Everyone saw in movies how it is easy to create a copy of a fingerprint with just a adhesive tape. With a use of 3d printer, I think it is possible to create a copy of persons finger.

Fingerprint protection is not insured against cases, when a person looses finger, or fingerprint becomes unreadable. It can be burned by acid, or you can get multiple skin cuts and you would have to wait days or weeks before recovery. I would not take such risk.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
I don't know why too many people didn't believe the fingerprint technology, it has been widely applied in all aspects and security, If that technology has not safe, no one is developing it anymore. it's the same as a PIN or Password, it also depends on how much care you protect.

That's right!

The problem is not using the fingerprint as a security element, but the behavior of the device. Fingerprint is as insecure as PIN, password and even 2FA. If the person has an irresponsible attitude, by leaving the device unattended, accessing dubious websites, opening file of unknown origin, installing applications with viruses, among other things, no matter what type of security you use on the device will be in danger.

In other words, the problem is not in the technology that is used, but in the way it is used. A lot of people are pretty careless about these things and then they have problems.
member
Activity: 280
Merit: 10
Fingerprint lock and pin codes are good to use on mobile phones and app locking but that's it, if your private key somehow gets compromised fingerprint or pin lock won't save your assets from getting moved out.
legendary
Activity: 2716
Merit: 1855
Rollbit.com | #1 Solana Casino
I don't know why too many people didn't believe the fingerprint technology, it has been widely applied in all aspects and security, If that technology has not safe, no one is developing it anymore. it's the same as a PIN or Password, it also depends on how much care you protect. Same as blockchain Technology many people say that technology is not safe (a long time ago) because don't have central control, but after GFC 2008, all eyes were on decentralization tech.

Those who don't like the security of fingerprint technology may think that the devices used such as fingerprint sensors will be damaged and cannot read our fingerprints. Whereas fingerprint security is also supported by several other security such as PIN.

In crypto wallets, the fingerprint function is only to provide speed for transactions carried out without having to manually use a PIN. and for security remains on the private key wallet storage. It is even safer to use a hardware wallet, because mobile wallets are more susceptible to viruses even though they use fingerprints. Hardware wallet that applies Fingerprint Biometric technology that I know is D'CENT

https://dcentwallet.com/
legendary
Activity: 2366
Merit: 2054
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?
Just know that most technology available on mobile phones are made user friendly and can most probably be bypassed easily with higher tech or skills. IMO, fingerprint lock is mostly to prevent over curious people from seeing your balance in your crypto wallet when they are with your phone. It can only prevent people with little or no technical knowledge and skill, but will be a walkover most likely for people higher up the tech ladder.

Have you also considered the possibility of a mobile malfunction, and your mobile phone fingerprint lock accepts any fingerprint as the correct one. There are so many sceneries and possibilities to tell you that firstly storing all your coins on your mobile wallet is not safe, and fingerprint lock cannot be completely trusted to offer security to your coins.

I don't know why too many people didn't believe the fingerprint technology, it has been widely applied in all aspects and security, If that technology has not safe, no one is developing it anymore. it's the same as a PIN or Password, it also depends on how much care you protect. Same as blockchain Technology many people say that technology is not safe (a long time ago) because don't have central control, but after GFC 2008, all eyes were on decentralization tech.
legendary
Activity: 1456
Merit: 1108
Top-tier crypto casino and sportsbook
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?
Just know that most technology available on mobile phones are made user friendly and can most probably be bypassed easily with higher tech or skills. IMO, fingerprint lock is mostly to prevent over curious people from seeing your balance in your crypto wallet when they are with your phone. It can only prevent people with little or no technical knowledge and skill, but will be a walkover most likely for people higher up the tech ladder.

Have you also considered the possibility of a mobile malfunction, and your mobile phone fingerprint lock accepts any fingerprint as the correct one. There are so many sceneries and possibilities to tell you that firstly storing all your coins on your mobile wallet is not safe, and fingerprint lock cannot be completely trusted to offer security to your coins.
hero member
Activity: 1064
Merit: 843
I don't understand what does "someone" you referred to? your friend or hacker?

If you have a lot coins on your wallet, better to bought another cellphone that used for holding your coins or even a hardware wallet. This will prevent from your friends know how much you have on your cellphone. if you mean hacker, you also need another cellphone and install 2FA on separate cellphone. If you installed 2FA on the same cellphone you hold your coins, that's not 2FA work.
legendary
Activity: 2366
Merit: 2054
I would never do that.
Fingerprint or biometric authentication are flawed.
it's no problem if he wants to use it to lock/unlock fast. a fingerprint is authentic and unique, nothing is the same for each human, so hard to abuse (except in the movie) and with a fingerprint, he also doesn't need to enter a PIN every time which is very risky from spyware. Maybe the fingerprint technology is still new, so there are many shortcomings such as the sensor does not recognize it. But as far I know, when a fingerprint doesn't work, the phone will ask for a PIN Number.
hero member
Activity: 1400
Merit: 770
So be smart and avoid using them because some things if kept in traditional manner are more useful and secured rather than experimenting the technology aspects in them.

I think all security access has weaknesses including Pins, Password and Fingerprints, etc. But if there is a 3 layer security feature then I think it's pretty good, although we're a little bothered to open it. Learning from the many cases of loosing their assets, in fact it comes from our mistakes that we do not know and are aware of. So in the end you have to prevent others from knowing pins, passwords and getting copies of your fingerprints then everything will be safe. IMO
legendary
Activity: 1974
Merit: 2124
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?
As members have given out their suggestions to you regarding this biometric protection of your wallets I would also recommend you to avoid using fingerprint sensor to unlock your crypto wallets due to some reasons.

This sounds good and can add layer of protection with pattern or pin combination in case of fingerprint not working and it's designed in this manner but there are some technical faults in the software sometimes which would not able to detect the finger prints.

There was similar topic that i made about block also planning to implement this fingerprint sensor instead of having the traditional way of seed phrases but you could see it reduces security in many ways mentioned in this thread.You become exposed and your wallet is at danger because only one touch of your thumb could unlock it while seed phrase is not easy to remember and you don't carry hardware wallets all the time.

So be smart and avoid using them because some things if kept in traditional manner are more useful and secured rather than experimenting the technology aspects in them.
legendary
Activity: 2212
Merit: 7064
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?
I don't like using fingerprint for anything and I don't consider it a good option for improving security for several reasons.
It's easy to steal and clone fingerprint of anyone and you don't need to have any special equipment for that, simple silicone material can do the trick, and someone cam always cut off your finger.
You are touching stuff with your fingers and you are leaving fingerprints everywhere all the time, so I would rather use some good password or pattern instead.
For securing seed words best way is using multsig setup, or simple solution is adding multiple passphrases for improving security.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
As replacement of password/PIN? It would weaken security of your wallet/seed.
As additional lock option (such as from PIN to fingerprint and PIN)? It would increase the security, although the benefit is rather small when the attacker have physical access to your phone and your finger (e.g. when you sleep or drunk).

Personally i wouldn't bother use fingerprint to secure my device.
hero member
Activity: 2156
Merit: 803
Top Crypto Casino
I would never do that.
Fingerprint or biometric authentication are flawed. It is better to use password or pin based locks. Also avoid mobile wallet for hodling. Use it only for trading purpose or for transactions. I personally use password and 2FA for my mobile wallet.
legendary
Activity: 2268
Merit: 18711
If you use it on top of the pin and password, then yes it will add one extra layer of security, but I wouldn't use it as a primary source of protection.
Very few wallets or devices can be set up to require both a password and a fingerprint, though. In almost all cases, if you enable fingerprint biometrics then you can use that instead of your password to unlock the device or wallet. This doesn't add any additional security, and in fact greatly reduces your security, since it is significantly easier to fool a fingerprint scanner than it is to brute force a password.

Example is when you are sleeping, only your finger is needed to unlock your mobile device if you enable fingerprint lock, this will be able to bypass the password or pin, someone can use this opportunity to compromise your device and wallet when you are sleeping.
If you use fingerprints, someone doesn't even need access to you. They can lift your fingerprint from anything you touch, including the very device itself, and use that to unlock your device/wallet. If you are using fingerprint biometrics and your phone is lost or stolen, then you should assume that an attacker will gain access.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?

I don't know of actual wallets that would use fingerprint for encrypting the seed/wallet.
Block's hardware wallet may do something like that, but it's not a safe approach imho.

So I expect that the expected use case of your question is "security over avoiding someone to see my wallet balance via operating my phone".
But it's not actual security. Your fingerprint is always with you and one can wait until you sleep, or get you high on drugs, copy your fingerprint from objects you used, or simply cut your finger as an extreme case.
All in all, fingerprint is not security at all; it gives you a false sense of security.

(Also keep in mind that malware can still steal your wallet and since it's not encrypted, the hacker can get your coins.)
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
But did you want to add that layer of security, on your mobile wallet or on a computer?
He meant on mobile device. Even if finger print feature is on computer, it is not an extra layer of protection in most cases if it can bypass the pin and password. I will only advice using password or pin.

On a computer, it is always advisable to have a pin or password. Fingerprint can be considered an extra, but never the main form of protection. Because in case of failure, you no longer have access to the contents of the wallet.
There is no extra protection finger print can offer once password or pin has been used, fingerprint is just an easy and convenient means mobile devices itself or apps can easily be accessed. The best security amount those are passwords and pin.
legendary
Activity: 1722
Merit: 4711
**In BTC since 2013**
But did you want to add that layer of security, on your mobile wallet or on a computer?

Several mobile wallets already have this function, together with the password and the pin. So I think it's useful to use.

On a computer, it is always advisable to have a pin or password. Fingerprint can be considered an extra, but never the main form of protection. Because in case of failure, you no longer have access to the contents of the wallet.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?
Using a fingerprint lock did not add extra security to your seed phrase or wallet, but it reduces the security and safety of your mobile device and wallet. Example is when you are sleeping, only your finger is needed to unlock your mobile device if you enable fingerprint lock, this will be able to bypass the password or pin, someone can use this opportunity to compromise your device and wallet when you are sleeping. In case of many other attacks, only your finger print would be needed to unlock your device.

With this, I will advice you to just use only password or pin which protect your mobile device than finger print because once a finger print is enabled, your password or pin can be bypassed in most cases. Fingerprint is easy to use but does not add to security and reduce the security of your device.
legendary
Activity: 1722
Merit: 5937
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?
If you use it on top of the pin and password, then yes it will add one extra layer of security, but I wouldn't use it as a primary source of protection. I know it's more convenient and faster way to unlock the wallet or phone but the old school ways of protection (if you make a proper password which again is something that many fail) still beats the biometrics.

Beside using proper password, the best way to protect your crypto is by not having your mobile phone wallet as your main one where you keep majority or all of your crypto. It makes more sense to only use it as hot wallet and keeping there only the amounts you plan to spend in the next few days/weeks.
hero member
Activity: 1498
Merit: 711
Enjoy 500% bonus + 70 FS
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?
The highest security of wallet, is not exposing yourself seed phrase, because seed phrase is the only factor that makes your coin your wallet to be authentic, so emphasising about having fingers print, will you generate your means of inputting such column of finger print, the essence of having your seed phrase in private; is to secure your coin because if it's review to everyone, someone can penetrate to your wallet using another device.
jr. member
Activity: 47
Merit: 10
If I use a fingerprint lock on my crypto wallet will this add more security to my wallet and recovery seed or just security over avoiding someone to see my wallet balance via operating my phone?
Jump to: