Microsoft Puts Built-In Fingerprint Sensor On Its 'Modern Keyboard'

Status
Not open for further replies.

Wingman22

Prominent
Jun 16, 2017
2
0
510
biometric authentication?
biometric at most can be used to get your username, and that is a risk already. It can't be easily changed.
Password must be secret and very hard to guess at all cost
 
G

Guest

Guest
Using biometrics as password is wrong because once it gets compromised it is not like password which you can change.
 

ravewulf

Distinguished
Oct 20, 2008
972
33
19,010
Does Windows Hello still require you to create a simple numeric key as a backup to unlock your device? Cause that's another huge security flaw. Guessing or cracking a short numeric code is insanely easy compared to a password.

Also, I can't wait until Microsoft moves on from "Mondern UI" etc to something else because I am not a fan of this aesthetic.
 

thundervore

Distinguished
Dec 13, 2011
1,030
1
19,460
Most people are forgetting that a US court can get a warrant for fingerprints to unlock a device (because its something they have) but they cannot get a warrant for a password due to one cannot self incriminate themselves (its something only you know).

I'm surprised its not backlit, would be beautiful if it was.
 

rantoc

Distinguished
Dec 17, 2009
1,859
1
19,780
I have to agree with most clever people who see beyond today - Using any biometric as password is just STUPID, once its leaked/scanned or whatever it will open up all places where its used and even "is the scanned part/material alive" checks can be fooled... So using biometric for password is just as stupid as reusing the same password on multiple sites beside here it's not even possible to change it IE once spent its useless.
 

falchard

Distinguished
Jun 13, 2008
2,360
0
19,790
Biometric passwords are usually used in one of 2 cases. Either it is part of a 2 step authentication, or it is device specific. In these situations, the problems of a biometric scan are much better mitigated. For the common user, it would be easier for them and would be more secure than the typical 8 character password.
 

computerguy72

Distinguished
Sep 22, 2011
190
1
18,690
Wow. Lots of people speaking authoritatively who literally know nothing about what they rant. To the guy who thinks a court can force you print to be released - that could only happen with the image which isn't used in any of these consumer systems. It's only used to extract in a fips and AFIS systems and even then not in the same database. To the guy who thinks template data can somehow be built into a useful image - that is absolutely false. To those who says these are less secure than a password... you must be kidding... Just like very old passwords, very old fingerprint system were similarly vulnerable. To the guy who says your fingerprint can't easily be changed - since what's used in the extraction and how much of it is stored in the template technically the data changes for every system. The resolution in most of the systems today even detect the pores in your finger.
 

therealduckofdeath

Honorable
May 10, 2012
783
0
11,160
99.999% use either insecure passwords or write them "in plain sight" because they're too hard to remember. Yes, biometrics has never been considered secure as Fort Knox. Nobody has ever claimed that. It is however infinitely more secure than having the password written on a sticker on the side of the display. This is not intended for "master passwords", this is for unlocking those dozens of applications and other things people otherwise ALWAYS use the stereotypical "Secret1" password on.
 

Dragon4570

Honorable
Apr 11, 2012
28
0
10,540
The first and foremost thing to remember about biometric scanned passwords is that they CAN be spoofed. The ridge depth of a fingerprint is a known quantity. Getting the print itself isn't that hard, after all you do eat and drink in your own home so there are plenty of places to get the print from. 3D printers with the appropriate media in them can then print a copy of the fingerprint and it can then be placed over a living finger to fool the "Is it alive" features. Facial recognition, even 3D recognition can be fooled with a proper photo and for the 3D ones simply jittering the photo while it is scanned can fool some of the software into believing it is actually the person. But when it comes to the Microsoft fingerprint scanner logging you into Windows 10 no one is even addressing the elephant in the room. That is that Microsoft has already built into Win 10 a complete spyware package and you can't fully get rid of it. So they will have the prints in question available to them as soon as the computer in question goes out on the net.

A password consisting of AT LEAST 8 characters including upper and lower case as well as special characters and at least one digit is much more secure from everyone except Microsoft. Remember you have 92 characters, numbers, symbols total available to you on a keyboard, that equates to 92^8 available combinations.
 

deepblue08

Distinguished
Aug 30, 2012
82
6
18,635
"And even if it were, it's easier to protect an idea than it is to stop someone from forcing your finger onto a scanner." almost sounds like the line from V for Vendetta.
 
Biometrics are in no way the most secure means they have been touted as to authenticate a person. Even Tom's has posted articles/news stories on this very failure.

Thinking of chipping people like this? Don't count on use/data staying the same as they can be changed, on a whim in some cases. It's thankfully voluntary right now, but.... as I already mentioned, uses can be redefined, internal data can be expanded (well, at least data attached to the ID code)... Also, like biometrics, there is the chance of forgery (especially if encryption is weak) or even the more drastic actions that can be used with biometrics. Not least, this RFID business also has privacy concerns... that the biometrics that we are familiar with, and passwords, do not have.

Pure and simple, passwords (stupid simple (not recommended) to overly complex) are still the best form of validation.
 

hitman400

Distinguished
Jul 24, 2012
91
0
18,630
Ya not quite sure how people are so against biometrics. As Tech2020 said, it cannot be hacked but stolen. It pretty much comes down to someone having access to your home and being able to get a fingerprint.
 


I agree. Others, however, apparently do not, like that company in Wisconsin.
 

jose pichardo

Reputable
Jul 20, 2014
2
0
4,510
what about if i die and someone cut my finger and unlock my pc, no thanks i prefer they try whatever they want to unlock my pc but not by iris or fingerprint , im still waiting for a hacker to hack me lol.
 
Status
Not open for further replies.