• roger.plowman - Friday, March 9, 2018 6:35 AM

    ...Easy to change a password, not so easy to change your fingerprints or retinal patterns. At best it's only good for local authentication, and even then it shouldn't be trusted. ...

    Password managers are another bad idea. Yes, you can use a randomly generated password for each site but A) what happens when your password manager is compromised (already happened once that I know of) or what happens when the password manager's data is lost in a hard drive crash and there's no backup?

    And don't say "cloud backup", that just makes it easier to have all your passwords stolen in one go.

    As bad as they are, passwords are the best solution we've ever managed to come up with that meets all the needs of authentication. They aren't perfect, but better than anything else we've tried.

    At some point, biometrics have to be converted into some encodable value for transmission and/or comparison. One needn't actually replicate the fingerprint, just its code.

    Agreed about the password manager thing... if someone steals your phone, or hacks your password file from your computer ... they have a static file that can be placed on a fast computer and attacked for as long as necessary till it cracks. And THEN they have the keys to EVERYTHING.

    ...

    -- FORTRAN manual for Xerox Computers --