Why Are We Still Using Passwords? (securityledger.com) 209
Here's some surprising news from the Akamia Edge conference. chicksdaddy writes:
[E]xecutives at some of the U.S.'s leading corporations agreed that the much maligned password won't be abandoned any time soon, even as data breaches and follow-on attacks make passwords more susceptible than ever to abuse, the Security Ledger reports. "We reached the end of needing passwords maybe seven years ago, but we still use them," said Steve Winterfeld, Director of Cybersecurity, at clothing retailer Nordstrom. "They're still the primary layer of defense."
"It's hard to kill them," noted Shalini Mayor, who is a Senior Director at Visa Inc. "The question is what to replace them with." This, even though the cost of using passwords is high and getting higher, as sophisticated attacks attempt to compromise legitimate accounts using so-called "credential stuffing" techniques, which use automated password guessing attacks against web-based applications... Stronger and more reliable alternatives to passwords already exist, but the obstacles to using them are often prohibitive. Shalani Mayor said Visa is "looking at" biometric technologies like Apple's TouchID as a tool for making payments securely. Such technologies -- from fingerprint scans to facial and retinal scans -- promise more secure and reliable factors than alphanumeric passwords, the executives agreed. But customers often resist the technologies or find them error prone or too difficult to use.
"It's hard to kill them," noted Shalini Mayor, who is a Senior Director at Visa Inc. "The question is what to replace them with." This, even though the cost of using passwords is high and getting higher, as sophisticated attacks attempt to compromise legitimate accounts using so-called "credential stuffing" techniques, which use automated password guessing attacks against web-based applications... Stronger and more reliable alternatives to passwords already exist, but the obstacles to using them are often prohibitive. Shalani Mayor said Visa is "looking at" biometric technologies like Apple's TouchID as a tool for making payments securely. Such technologies -- from fingerprint scans to facial and retinal scans -- promise more secure and reliable factors than alphanumeric passwords, the executives agreed. But customers often resist the technologies or find them error prone or too difficult to use.
Those... arenâ(TM)t more secure (Score:4, Insightful)
Biometrics are not more secure than passwords - theyâ(TM)re less secure but sufficiently more convenient that you can convince people to use them.
We still use passwords because theyâ(TM)re still the most secure way of authenticating your identity when combined with a second factor.
Sometimes the first impulse is right (Score:5, Insightful)
think of them as a mutable biometric. it's biometric because its stored in your brain. It's mutable because you can change it. it can't actually be stolen from you if you don't give it up or write it down.
it's only when you go to transmit it that the problem occurs.
When you look at this this way, then you see that things like finger prints or retina have the same problems and worse. they are not mutable, they can be taken from you without you knowing it, and the transmission layer is still vulnerable
Nearly always, your first solution to a problem is the best one. Not always of course or there would be no need to research and study. But people have been using passwords for milennia because they are an effective tool that works from giving something to the sentry, to logging into google.
and the biometrics can change (Score:5, Insightful)
accident damage, surgery, degredation of the eye are some of the ways you can be locked out of a biometric identifier. as the population ages, this is an issue that you need to think about. I will not use bios for this reason, as for some reason, I am not getting younger and more invulnerable.
Password change=surgery (Score:2)
The problem with biometrics is that if my information gets hacked the only way I can change it is via surgery and I'm simply not willing to have eye surgery to change my iris if my iris pattern is hacked when I can change a password simply by thinking of a new one.
Re: and the biometrics can change (Score:4, Insightful)
Passwords are âoesomething you knowâ, and would be impossible to hack, or obtain, since itâ(TM)s metaphysical and in your brain. The trouble with passwords is inconsistency and bad practice.
Expiring passwords was recently deemed a bad idea by NIST, since it leads users to simple patterns and incremental changes of least-complexity allowed.
Furthermore, any system which allows arbitrarily large guesses is weak, not the password itself. It doesnâ(TM)t matter if itâ(TM)s biometric, passwords, tokens, sms messages, anything. All these systems send binary numbers representing the measured input, and I can code a computer to log in using random or incremental data. With enough guesses, Iâ(TM)m going to be right. The only defense is a system where wrong guesses locks accounts, and a different form of identification is required. The iPhone does this best IMHO. You can use your finger only a half dozen times incorrectly before it moves to passcode. 10 wrong tries with that, and wipe. Go back to your backups.
Itâ(TM)s astonishing how well it works, contrasted with how poorly the rest of Appleâ(TM)s authentication mechanisms work.
The other problem is systems which store the plain-text of passwords. When a site gets hacked with users and passwords, they werenâ(TM)t using a one-way hash, with a good user-unique salt, and the passwords are now compromised. Since uses tend to repeat a password over multiple services, your password is now only as strong as the weakest system. This is where two-factor comes in to play. A few wrong two-factors and the account should get locked, and the password should be expired.
Good systems will lock after too many bad tries, and passwords should be two-factored so reused passwords that were exposed online are rendered ineffective.
Re: (Score:3)
Re: (Score:2)
The problem is passwords (or hashes) are stored at the places you authenticate.
You say that like storing the password and storing the hash are somehow equivalent. They are completely different. Passwords should never be stored. But storing salted hashes is standard practice, and is secure for modern hashes, especially when combined with limited attempts and credential verification.
Re: (Score:2)
Biometrics have the same problem. Once your face scan is taken, its just a bunch of ones and zeros same as your password is, and is subject to all of the same storage and security requirements in order to keep it safe.
And most importantly, it wouldn't be excessively hard to create a dummy device that emulates the biometric scanner's output once you know the expected input data.
Re: (Score:2)
When you look at this this way, then you see that things like finger prints or retina have the same problems and worse. they are not mutable, they can be taken from you without you knowing it, and the transmission layer is still vulnerable
Mutability doesn't matter for biometrics, and neither does the fact that copies can be taken without your knowledge, because those don't affect the biometric security model. I wrote a detailed analysis here: http://divegeekstuff.blogspot.... [blogspot.com]
Re:Those... arenâ(TM)t more secure (Score:5, Funny)
Like passwords with unicode in them. Impossible to share via Slashdot.
Re:Those... arenâ(TM)t more secure (Score:5, Informative)
Biometrics are not more secure than passwords - they're less secure but sufficiently more convenient that you can convince people to use them.
A fingerprint is more convenient until the moment you get a blister (or some other damage) on your finger(s), then you're locked out. Seems unlikely? When I got a job at the NASA LaRC way, way back, I had to get fingerprinted, but couldn't because I had been working on my car that week and my hands and fingers were all beat up. I had to wait a week for them to clear up enough to get processed.
Re: (Score:2)
A fingerprint is more convenient until the moment you get a blister (or some other damage) on your finger(s), then you're locked out.
Every biometric system I use has a password fallback. The biometric is only for convenience.
Re: (Score:2)
"When I got a job at the NASA LaRC way, way back, I had to get fingerprinted, but couldn't because I had been working on my car that week and my hands and fingers were all beat up. I had to wait a week for them to clear up enough to get processed."
Or you could be in the unfortunate position my wife constantly finds herself in when faced with biometric demands for fingerprints (primarily immigration/visa issues) - her fingerprints are so light that most systems simply can't pick them up. (She can't use iphon
Re: (Score:3)
I thought biometrics also serves a different purpose - identification, rather than authentication.
Re: (Score:2)
I thought biometrics also serves a different purpose - identification, rather than authentication.
My laptop uses it for both. My fingerprint authenticates me and gives me access. It also identifies me, so it opens the right account. If my wife puts her fingerprint on the scanner instead, it opens her account.
My bank uses it only for identification. I still need to show an ID or enter a PIN for most transactions.
Re: (Score:2)
We still use passwords because theyâ(TM)re still the most secure way of authenticating your identity when combined with a second factor.
About a decade ago, Etrade sent me a small free keychain about the size of a stick of gum (1cm x 4cm x 1/2cm). It had a small digital display that had a password that changed every 60 seconds and was somehow synced with etrade's webserver. Even without a secondary password, this is a very secure system. It's not connected to the internet and you would likely know immediately if it was stolen. It ran on a single watch battery for over a year. It likely only cost a couple dollars to produce. The technol
Re: (Score:2)
Re: (Score:2)
No one tell this guy about RSA
Yes, it was manufactured by RSA. That's not really the point. The point is that it has existed for a decade, it doesn't require an internet connection, and they are cheap to produce. There are even free versions today that use an app on your phone. Noone wants to use them. Most people would prefer to either use the same password everywhere or to have all their passwords memorized so if someone steals your phone they automatically have all your passwords too. People don't care about security until afte
Re: (Score:2)
...or a device that supports a standard like U2F [infogalactic.com]. There are at least a couple of options here; the Trezor [trezor.io] that holds my Bitcoin stash is also currently set up as a second factor for Google and Dropbox. There's also a YubiKey [yubico.com] that supports U2F.
Re: (Score:2)
Perhaps I have to use a touch pad that punctures my finger and takes a blood sample. It will check the dna of my sample, and if it matches what is on file, I will be able to log into the system. Perhaps, in lieu of the blood sample, a saliva sample would suffice. Blow into a straw and if the dna matches, voila-- access.
Biometrics arenâ(TM)t secure... (Score:5, Insightful)
If I ever get arrested or stopped at the airport, my phone could be unlocked by forcing my finger on the button or scanning my face(iPhone X). So without a password, biometrics can trivially compromise your security against state/pseudostate actors when they have physical access to you. At least with a passcode they have to observe some sort of due process to coerce you.
SLASHDOT: FIX YOUR CODE MANGLING!!! (Score:5, Informative)
people who post to slashdot from iphones and such get all of their apostrophes turned into å(TM)t â(TM)t
THis is 2017, it's possible to parse plain text and unicode correctly now I have read.
Re: SLASHDOT: FIX YOUR CODE MANGLING!!! (Score:3)
No, sorry; it is the fault of Slashdot for still not supporting Unicode 20 years later.
Rather pathetic, really.
Re: (Score:2)
Re: (Score:3)
I've never heard of a pipe wrench referred to as "due process" before.
Re: (Score:2)
I've never heard of a pipe wrench referred to as "due process" before.
Quite correct. For it to count as "due process" it has to not leave a mark. Something like waterboarding for example.
Re: (Score:2)
Fucking mindblowing I know
Re:Biometricsare not secure (Score:2)
How do you propose to log into a website with your fingerprint? Put it on the reader and send it to the website? Unencrypted? Oh Oh now instead of just a password compromised, if it is intercepted, your fingerprint is out there for anyone to use
And what makes you think the websites will be any more diligent about safeguarding your fingerprint (or the encrypted version thereof) than they are about safeguarding your password (or an encrypted version thereof)?
Using biometrics as a 'login' device is an insanely
Re: (Score:2)
This includes my bank, investment firms, and hospital (that's the one keyed to my specific phone).
customers often resist the technologies (Score:4, Insightful)
The best method of authentication, as far I I've experienced, is a physical token (keycard). Worst case scenario, I don't notice it's missing after two days (Friday evening till Monday morning). Chances are I've dropped in a city centre rather than haven it exploited by an unknown agency. Even still, they;ve only got the physical credentials of a low-tier employee. On-site physical access is still required.
Re: (Score:2)
Re: (Score:2)
"Why Are We Still Using Passwords?" (Score:2, Insightful)
"We reached the end of needing passwords maybe seven years ago" - "The question is what to replace them with."
qed
Re: (Score:2)
https://www.grc.com/sqrl/sqrl.... [grc.com]
Re: (Score:2)
and nobody can log in from a different device
Easy. Associate each of your devices to your identity provider as you buy them.
Re: (Score:2)
They key would have to be stored somewhere off of your device, otherwise you would be locked out of your own accounts if the device were to be lost or broken. This is exactly as secure as just having a private key file somewhere. With all the pitfalls involved with that.
I see it as a step backwards from something like LastPass as it provides no security benefits, with a bunch of downfalls that you stated.
Gibson is a smart guy, but I have no idea what problem he thought he was solving here.
Re: (Score:2)
Even though I use it myself, I consider LastPass to be a band-aid for a system that's broken by design.
SQRL is an attempt to solve the lunacy of requiring complex, unique passwords required for every different website you visit. We've seen time and time again that people are terrible about managing passwords. SQRL uses a secure authentication mechanism that improves on username/password in several key ways. The most important feature, IMO, is that the website only requires the use of public information t
Re: (Score:2)
Maybe so, but given that we haven't even seen SQRL out of the gate with an official client release, I think it's a big too early to tell. There's a lot of inertia behind password-based logins, so I'd say the odds are long against it, even if it has some good technical merits.
FWIW, you made two completely factually-incorrect statements about SQRL in your first post. You seem a bit dismissive of the project in general, so no offense, but I'm not going to waste my time explaining further.
Re: (Score:2)
without introducing complexity people can't understand and won't use
Totally agree, but given that you pretty much need to use a password manager to safely use passwords online these days, I'm not sure how much worse a SQRL client could be. I can't vouch for ease of use, though, as I haven't actually tried the client myself yet - only heard it described in some detail.
where anyone can log in if they have your device
This is incorrect. The client is designed to always require a subset of your password, like a PIN, every time you authorize. More to the point, I certainly hope by now that most people have locking phones wi
Who and what do you trust? (Score:2)
You are right of course to distrust your own mind; it has a bias for convenience. But someone gives you a thing like a crypto token and tells you to entrust your deepest secrets, perhaps even to imbue the artifact with your personal authority.
Should you trust that thing so much, keeping mind that in effect means trusting everyone involved in its programming and provisioning?
I foresee passwords remaining useful and indeed essential, despite their obvious limitations, as part of two factor authentication.
Re: (Score:2)
Sanders lost to Clinton because Clinton had spent nearly 40 years, from her days as First Lady of Arkansas, cultivating relationships with Democratic activists and party insiders. She'd campaigned nationally multiple times, twice as the wife of Bill Clinton and once as a candidate herself. The only way to overcome that kind of advantage is to have a candidate with immense natural political talent, like Obama.
To win the nomination of either party you have to win the party base, which Sanders failed to do;
Give up anonymity if it saves just one life (Score:5, Insightful)
Clearly we need to replace passwords with a chip or mark or tattoo in the palms of the hands and on the foreheads / retinas, etc. Then we need to make sure that people can't buy or sell without taking these marks on themselves. Naturally cash will have to be eliminated. This way we can control and identify what the people spend their money on and we can use this information to further oppress and bind them down into abject bondage and suffering. Yep, that's the ticket. No more anonymity, all must bow down and accept the will of Evil. Every citizen a slave.
"A jackboot stamping on a human face forever"-Orwell or Huxley, i forget and am too lazy to search.
Re: (Score:2)
We live in both Huxley and Orwell's worlds at the same time.
http://www.zerohedge.com/sites... [zerohedge.com]
Re:Give up anonymity if it saves just one life (Score:4, Insightful)
Clearly we need to replace passwords with a chip or mark or tattoo in the palms of the hands and on the foreheads / retinas, etc. Then we need to make sure that people can't buy or sell without taking these marks on themselves. Naturally cash will have to be eliminated. This way we can control and identify what the people spend their money on and we can use this information to further oppress and bind them down into abject bondage and suffering. Yep, that's the ticket. No more anonymity, all must bow down and accept the will of Evil. Every citizen a slave.
I had no idea that Pat Robertson was on Slashdot! You forgot the part where God will fix this problem if we just get rid of all the "homos".
Re: (Score:2)
Good post. I have a small critique, though.
You forgot to think of the children.
Oh FFS, not this crap again (Score:5, Insightful)
We use passwords because it's something you know AND SOMETHING YOU CAN CHANGE WHEN COMPROMISED.
You cannot change your fingerprints or other biometric data so when it's compromised or when technology advances in a way which allows the biometric sensors to be fooled then you are completely and totally stuffed. :-(
Do the people proposing this ever have _ANY_ real world experience at all ?
Oh, and yes, using biometric data allows intelligence agencies, who will likely be able to obtain that information in various ways, to pretend to be you when they want to compromise systems you control.
Re: (Score:2)
You cannot change your fingerprints or other biometric data so when it's compromised
This is irrelevant. I wrote a detailed explanation here: http://divegeekstuff.blogspot.... [blogspot.com]
Do the people proposing this ever have _ANY_ real world experience at all?
I do, about 30 years' worth, in both physical and information security.
Steal all the biometric files (Score:5, Insightful)
Re: (Score:2)
Re: Steal all the biometric files (Score:2)
I suppose you could prefix a pin or password to the biometric data which, when hashed, creates a unique signature.
But then it takes us right back to square one in requiring a variable password or pin to begin with, so what would be the point.
Is a trade off I guess.
Passwords are easier to compromise, but also easier to change. Biometrics, not so much.
Protected vs Unprotected (Score:2)
While other solutions may be more effective at preventing misuse by third parties, you are not required to give your password to law enforcement without reasonable cause.
Their simply demanding it is not " reasonable cause ".
Whereas your biometric ID is fair game. They can, and have, walked into an establishment and forced everyone who used biometric fingerprints to unlock their phones to do so. You have no recourse.
I'll keep my passwords until they fix the other problem thanks.
Re: (Score:2)
Citation needed. That sounds ultra-paranoid.
Re: (Score:2)
That's nice, but it does not begin to cite the GP's assertion that "they [whoever they is] can, and have, walked into an establishment and forced everyone who used biometric fingerprints to unlock their phones to do so. "
Re: (Score:2)
They can, and have, walked into an establishment and forced everyone who used biometric fingerprints to unlock their phones to do so.
What's the difference between that and "enter your password while I look away"?
Re: (Score:2)
Re: (Score:2)
That *is* my password, you insensitive clod!
because.. (Score:5, Informative)
1. They aren't tied to biometrics, which once compromised, aren't easily changed. Plus, many people find it instinctively invasive, possibly because of that reason. In contrast, passwords/x509 are easily changed when when compromised or forgotten.
2. Biometrics work as authenticators but not as authorizers.. Nothing stops someone from duplicating your biometric properties (pic of your fingerprints or irises/face) without your authorization. Not so with a password.
Re: because.. (Score:2)
What you meant was âoeidentifiers, not authenticatesâ. Gotta understand it if youâ(TM)re gonna argue it.
Re: (Score:2)
Sorry, I stand corrected.
Longeivity (Score:2)
Algorithms to validate, store and process passwords have been around a LONG time. Best practices are well known, and are relatively simple. You can build a password-based access control system using off the shelf libraries and known patterns that is very difficult, if not impossible, to bypass. The limiting factor to it's success is human fallibility.
Nearly everything else is complicated, involves a lot of math that not a lot of people understand, or third party hardware you might not trust, or third party
Yubikey (Score:2)
Just support devices like Yubikeys everywhere. Done.
This is what I use for Google/Gmail, Facebook, Github, and anything that requires SSH access. No more passwords. Just a physical device with a simple pin code.
Services still require a mobile phone number (Score:2)
But have you figured out how to U2F key with Google or Twitter without first setting up mobile phone verification? Say I want to have U2F (such as YubiKey) as my primary second factor, with TOTP (such as Google Authenticator) as a backup. But services like Google and Twitter support these only as backup second factors, not primary second factors. If I try to set up one of those as a second factor on Google or Twitter, the site won't let me proceed past the mobile phone verification. I don't want to use a mo
Requires Chrome; git push still needs password (Score:2)
[YubiKey] is what I use for Google/Gmail, Facebook, Github
How does that work?
As far as I can tell, U2F on GitHub is incompatible with Mozilla Firefox, incompatible with Edge, and incompatible with Safari [github.com]. I'm not even sure it works with other Chromium forks, as the page mentions Chrome. In addition, you need to buy a supported smartphone or tablet first because U2F requires working TOTP [github.com], and you still need to generate a password for use when pushing [github.com].
The answers (Score:5, Interesting)
The answers are pretty obvious.
Firstly, we still use them because there's no reasonable replacement. Duh.
Secondly, there's no reasonable replacement because of the way our computers work.
Passwords are essentially information held in a system outside the computer (your head), that can be used for verification. The problem is that humans aren't really good at remembering passwords, and we need so many of them, and they are infrequently needed.
All attempts at using computers to solve this issue have run afoul of the "general purpose computer" problem: because our computers do not address security properly, we cannot guarantee what software is running on the local hardware. We cannot guarantee the security of passwords held on the computer, or in an encrypted file, because it's so easy to download and run malware. No one keeps track of all the things run on the computer, and we can't even trust the people who supposedly *do* keep track.
One reasonable solution is to use hardware specific to the purpose that's *not* a general purpose computer.
If you had a piece of hardware - a thumb drive, for example - that was *not* general purpose and could not download and execute code, then that could be made pretty secure. It could hold a person's private key, have functions to encrypt, decrypt, and sign documents, and also pass out the public key. It could also download and install new keys, with the understanding that the base functions could not be changed.
There's some details involved: you need a way to securely backup the data, and you need a way to securely recover the data in various situations. Mostly, you need to save the data somewhere safe and write down a master password (one, a PIN of sorts) somewhere else.
The Mooltipass [themooltipass.com] is pretty close. It generates strong passwords for each web site registration, and will fill in the fields for you when you go to log in.
That's not the complete solution, however. It should *encrypt* the password with the user's private key and the site's public key so that no one can view it(*), or even better use a zero-knowledge authentication process.
If we could somehow begin using a fixed-program computer - say, something the size of a credit-card calculator that requires a pin and that holds the information for *all* the cards in your wallet - we could get away from passwords.
We would also have a single point on which we could put *all* our effort to make secure.
Hypothetically, that one card would reduce credit card fraud to near zero. When you use the card you enter your PIN on the keypad, and the card generates a ShopSafe number tied to your credit account, valid for one purchase.
Take a look at the badges at high-tech conferences these days. It seems like the hardware shouldn't be that hard or expensive.
Could this be the next killer product from Apple? A hand-held thingy that's secure and ultra-convenient, that you use for payments (IRL and online) and password entry?
(*) Yes, ssh is not absolutely secure. Did you think all those cert authorities in your browser have been properly vetted?
Re: (Score:2)
I don't like the hardware answer to this problem. It's fraught with issues. The biggest one, which I encountered personally, is what happens when your device is irrecoverably lost. Or in my case, my phone number was lost. I could not get the same phone number, I had to get a new one, and it made fixing sites I had doing 2FA via SMS to my phone number a real bitch to recover. Took many emails and a sob story to get 2FA stripped from my account so I could get back in.
This is a serious problem. If Google
Re: (Score:2)
Except that a dongle is equally unreliable at telling you what you're agreeing to, which is pretty essential to signing otherwise it's purely an authorization token.
Biometrics are ID, not security (Score:2)
Such technologies -- from fingerprint scans to facial and retinal scans -- promise more secure and reliable factors than alphanumeric passwords, the executives agreed.
No, no no, my god, no. Something that can be acquired just by looking at you is not secure. Using as authentication something that can only be changed by destructive surgery is not sane.
Asked and answered (Score:2)
the obstacles to using them are often prohibitive
Which makes the article rather pointless.
However it misses out a vital aspect. No matter what technology replaces passwords, it will get hacked, faked, or discovered. One day. And that means that whatever security measure is in place, it must be changeable by the user, just like passwords are.
So that rules out all the biometric options, if they were only to be used on their own. Consequently, wha
Don't kill them, implement 2FA+ (Score:2)
When trying to secure servers, if you don't have 2FA+ enabled, then you should be fired and blacklisted!
Re: (Score:2)
In 2017 it's no longer acceptable to have a single factor of authentication to a system, especially with the prevalence of TOTP and Hardware key, such as YubiKey.
Which is why I find reliance by Google and Twitter on SMS as the primary second factor, with TOTP and YubiKey relegated to backup second factors, to be unacceptable. What would you recommend for working around this unacceptable situation?
Disposable personal authentication devices (Score:2)
Here is a thought. How about multipurpose disposable personal authentication devices.
Think of TouchID. They key thing about TouchID is that the biometric authentication is "on device". So if you decoupled the TouchID from the iPhone, and developed a token that could use generate a one time passphrase that you use to login to any website, that would mean an attacker needs physical proximity to you to steal your logins. Goodbye Russian hackers.
Single point of failure yes, but also single point of hardening.
Re: (Score:2)
Welcome to the world of FIDO U2F (fidoalliance.org). The best-selling U2F device these days (the YubiKey line... note that FIDO U2F is only one mode those work in) does not do biometric authentication before responding with one-time public-key-based security, but there are more expensive U2F devices out there already that do local biometric unlock.
Re: (Score:2)
Re: (Score:2)
control (Score:2)
Because all the big sites wanted to be OpenID providers but not to accept logins from elsewhere.
A way better qyestion is (Score:2)
Why a 4 digit pin code is considerd secure?
Passwords for something you care enough about to protect are only the start. Businesses have been using TFA either Secure ID or via text for years.
Nothing better. (Score:2)
Biometrics make horrible passwords. They are way too easy to steal and copy. Two factor makes more sense, but it is still a password. I suggest a many-factor system.
What we do in real life is use a combination of multiple different methods. It's not just the way your face looks, but the location, clothing, and voice.
A complex system that combines multiple methods, assigns a percent sure of identity might work. It could include a simple password (six characters), that must be typed on live video (incre
Yes, I'm that guy (Score:2)
It's Akamai, not Akamia.
The best safe (Score:2)
Alas, as of this moment, the one place you can put something that NO ONE else can get it is in your mind. This is the ultimate safe.
This is why passwords remain the preferred authentication method. Because it feels secure, your mind is the only place the key exists. As soon as you move that key out of a person's mind and into a device, or biometric, it's no longer in the best safe in the world. Your mind. It's a very important semantic. People feel passwords are safe because they're stored in the best
Biometrics are provably not secure (Score:2)
Fingerprints are easily forged. The excellent paper http://web.mit.edu/6.857/OldSt... [mit.edu] covered the issue 15 years ago and remains valid with even the best modern fingerprint scanners.
biometric binary blobs (Score:2)
A person determined to use passwords in a sane way (every password unique, with 60+ bits of true entropy) enjoys at least a modicum of confidence that the password implementation itself is simple enough to actually work as implied.
I'm about fifty years away from believing than any biometric security solution can be trusted without inspection (we still need some astounding advances in proof-of-correctness technology).
And I don't really feel like reading all that code, anyway. Theo and his crowd probably won
"The question is what to replace them with." (Score:4, Insightful)
Re: (Score:2)
How do you change your fingerprints, or your eye's iris?
They do it in movies and anime all the time.
Re: (Score:2)
Bingo! Biometrics suck. How do you change your fingerprints, or your eye's iris?
This is irrelevant. Your erroneous argument arises from the mistaken application of the secrecy-based security model of passwords to the acquisition process-based security model of biometrics. I explained at length here: http://divegeekstuff.blogspot.... [blogspot.com]
Something you know, ... (Score:2)
There are three factors for authentication. Something you know, something you have and something you are.
Why would we give up one in favour of another when we could adopt the radical idea of using TWO AT ONCE.
Passwords have the same problem as credit card #s (Score:2)
Fortunately, that means they have the same solution as credit cards. Chip and pin works by you remembering a PIN (like how you remember a password). You enter the PIN into an authorized device, and that allows the device to query the chip. The chip then establishes a secure link to the processing site. Intercepting that session's communications doesn't
Biometrics more secure? (Score:2)
Biometrics are riskier (Score:2)
You can change your password, but you canâ(TM)t change your fingerprint.
Aside from all the low tech ways to defeat biometrics (gummy bears anyone?), the simple issue is if your biometric information gets compromised, youâ(TM)re toast.
Stop using passwords.... (Score:2)
Identification v. Authorization (Score:2)
Why can so many people, even people "in the industry" not understand the difference between Identification and Authorization.
Biometrics is a good form of Identification, it's hard to lose your fingerprint or your retina (it can happen but it's not common in everyday life). You can't forget them at home, your spouse can't take yours with them by mistake, etc. A biometric ID/Authorization system can be excellent, near perfect if fact, at identifying you as you but it has no ability to handle the situation whe
Because (Score:5, Insightful)
>"Why Are We Still Using Passwords? "
Because they are cheap, generally convenient, proven, and understood. Passwords actually work quite well *IF* they are managed correctly. And despite the summary, dictionary attacks are generally useless when servers are configured correctly.
For high security, when necessary, combining a password with a token of some sort is extremely effective.
Nice try (Score:2)
Now fuck off trying to fool people into making your job easier.
Biometrics are only local authentication (Score:2)
A secret is always going to be the best security. However, how knowledge of the secret is verified can can be improved in a lot of ways.
A Fingerprint is a Password (Score:2)
And for most of us a fairly permanent one at that.
What an absolutely asinine statement by "the executives".
Question and Answer are provided (Score:2)
The question posted is: Why Are We Still Using Passwords?
The answer is provided in the summary: Stronger and more reliable alternatives to passwords already exist, but the obstacles to using them are often prohibitive
Nothing more to say.
Legal protection (Score:2)
A password provides you legal protection from being (legally) forced to divulge it, not so with biometrics or hardware authentication dongles.
Multifactor is always better, but a key component of that has to be something hidden in your mind.
Duplicate Post (Score:2)
https://it.slashdot.org/story/... [slashdot.org]
Let's re-hash the same old crap and get advertising revenue, yay.
Biometricas are resused, unchangable passwords. (Score:2)
Until the biometric device is talking directly without any middlemen (like the vendor or the internet) to the payment people, it is inherently less secure. Because at all the points between, it's just a digital password, and one that is (a) reused between sites and (b) unable to be changed.
Re: (Score:2)
Text input is the one universal constant we have for communicating between user and computer.
And requires only the same basic hardware that is required for general purpose user input...
Re: (Score:2)
Who is Popels?