How Secure Is Microsoft's Fingerprint Reader?
Moos3d asks: "I recently found out about this Microsoft Fingerprint Reader at the library and ever since then I have been fascinated by using something like this for my own PC. How secure is this compared to using multiple 10+ character long passwords? Some people I've talked to seem to think it isn't safe at all and some people seem to think it is only safe for casual use. I only plan to use it for online forums and other applications that don't require great measures of security so it seems to be perfect for me, but how secure do you think it really is?"
unless you make it a habit of pressing your thumb on gummi bears.
http://www.theregister.co.uk/2002/05/16/gummi_bears_defeat_fingerprint_sensors/
The hospital my father works in uses these to control access to data entry in the neonatal ward. The nurses would otherwise be typing in passwords about 300 times a day, as the computers lock whenever someone isn't standing at them. It means that the tracking data for who entered what data is always correct and that time isn't taken up typing in passwords all the time.
I'm not sure how easy they are to fool, but in the hospital, where people wouldn't be at the terminals unless they were a recognised user anyway, they're perfect.
... but one that can't be changed and gets left lying around on a regular basis, but also can't (easily) be lost.
Against a casual attacker (all most of us really have to worry about), it's perhaps slightly more secure than the average password and it's much more convenient.
Against a sophisticated attacker, a fingerprint alone is much weaker than any password, unless you have a habit of writing your password on everything you touch. Yes, all of the fingerprint scanners claim to offer liveness verification, but in practice every time someone has seriously tested the claims, they've fallen down.
If you need really high security, a password is better than a fingerprint, but it's even better to use both. Of course, if you need really high security, you shouldn't be using a standard PC with a common operating system, and I'm not just talking about Windows. Everyday PCs are wide open to an attacker that has physical access to them, regardless of what OS you're running. A TCPA-enabled OS would be slightly better, but not much since the TCPA standards don't require any tamper resistance on the TPM, so a clueful attacker with physical access will almost certainly pwn your machine anyway.
IMO, and this is closely related to my day job, for low security and high convenience, go with a fingerprint. For moderate security, use either a good password or a combination of password/fingerprint or password/smart card or fingerprint/smart card. If you need high security, hire someone to help you figure out how to do it right.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Fingerprints make terrible biometric keys because you leave your fingerprint everywhere, unlike your password or retinal scan. Yes, fingerprints give that cool "we take security seriously" aura, but are false security. Gelatin fingerprints are easy to construct from a fingerprint image, and difficult to detect when worn. Moreover, once your fingerprint is compromised it is difficult to change. Doh!!!
They don't support this (at least the majority of forums I know)
Having looked at the linked product, it appears that the thumbprint device unlocks a cache of stored passwords on the host PC, and the cache then transfers the (text) user name and password to the input fields of the websites. So the websites would not have to be compatible with the thumbprint device per se; it just has to allow autocompleted user/pass info. And most do.
That being the case, is this much more secure than a password-protected password cache, à la Apple's Keychain? Probably not. I wonder if the thumbprint reader even bothers to encrypt the print between the reader and the host PC; if not, with a USB sniffer like a keylogging device you're no more secure.
But let's say that the reader does encrypt the print--maybe it does. Do you think it's easier to get my print (glass, gummy bear, etc) or to read my mind for my password? And as another poster pointed out--I can change my password and therefore limit my vulnerability window to whatever temporal limit I choose. OTOH, if my thumb is compromised then I only get one more chance.
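The poster above asks whether anything protects the reader-to-host link, and why that matters for a device that merely unlocks a password cache. The following is an added illustration written for this page, not code from the thread or the protocol of the Microsoft reader or any real device. It models two constructed channel designs: a "plain" one where the reader reports its match result in the clear, so a recording from a USB sniffer can be replayed with no finger present, and a challenge-response one where the host issues a random nonce and the reader answers with an HMAC keyed by a secret assumed to be provisioned into the reader (the key, message formats and class names are all assumptions of the example).

```python
"""Constructed model of a fingerprint reader talking to its host driver over USB.

Added example, not the protocol of any real device. Two channel designs:

  plain:  the reader reports the match result in the clear. A USB sniffer
          records one "MATCH" report from a legitimate touch and the attacker
          replays it later with no finger at all.
  mac'd:  the host issues a random nonce and the reader answers with an HMAC
          over nonce + result, keyed with a secret assumed to be provisioned
          into the reader. The recorded answer no longer matches a new nonce.
"""
import hashlib
import hmac
import os

PAIRING_KEY = b"assumed-secret-provisioned-in-reader"  # hypothetical shared key
MAC_LEN = hashlib.sha256().digest_size


class Reader:
    """Sensor side. How the sensor decides `matched` is not modelled here."""

    def __init__(self, key: bytes):
        self.key = key

    def report_plain(self, matched: bool) -> bytes:
        return b"MATCH" if matched else b"NOMATCH"

    def report_mac(self, nonce: bytes, matched: bool) -> bytes:
        body = self.report_plain(matched)
        return body + hmac.new(self.key, nonce + body, hashlib.sha256).digest()


class Host:
    """Driver side: unlocks the password cache when it accepts a report."""

    def __init__(self, key: bytes):
        self.key = key
        self.pending = None  # nonce awaiting an answer

    def accept_plain(self, report: bytes) -> bool:
        return report == b"MATCH"

    def challenge(self) -> bytes:
        self.pending = os.urandom(16)
        return self.pending

    def accept_mac(self, report: bytes) -> bool:
        nonce, self.pending = self.pending, None  # each nonce is answered once
        if nonce is None or len(report) <= MAC_LEN:
            return False
        body, mac = report[:-MAC_LEN], report[-MAC_LEN:]
        expected = hmac.new(self.key, nonce + body, hashlib.sha256).digest()
        return hmac.compare_digest(mac, expected) and body == b"MATCH"


def replay_against_plain() -> bool:
    """Sniffer captures a genuine report; attacker replays it later.
    Returns True if the host unlocks for the replayed bytes."""
    reader, host = Reader(PAIRING_KEY), Host(PAIRING_KEY)
    captured = reader.report_plain(matched=True)   # owner touches the sensor
    return host.accept_plain(captured)             # attacker injects the recording


def replay_against_mac() -> bool:
    """Same attack against the challenge-response channel."""
    reader, host = Reader(PAIRING_KEY), Host(PAIRING_KEY)
    captured = reader.report_mac(host.challenge(), matched=True)
    assert host.accept_mac(captured)               # the genuine session works
    host.challenge()                               # fresh nonce for the attacker's try
    return host.accept_mac(captured)               # stale MAC: refused


if __name__ == "__main__":
    print("plain channel, replay unlocks:", replay_against_plain())
    print("MAC'd channel, replay unlocks:", replay_against_mac())
```

The challenge-response variant only closes the bus-replay hole; a gelatin finger on the sensor still yields a genuine "MATCH", and if matching is done on the host rather than in the reader, the template itself crosses the bus and a MAC does not hide it, which is exactly the "you only get one more chance" problem raised above.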