
Sure it is, the same way a password is revocable: pull the "hash" out of the database you compare against.



How does IT issue you a new fingerprint?


Well, in most cases there are nine other digits you can use. That's probably a reasonable amount of redundancy.


I change my password more than 9 times a year, and I plan to live for more than one year.


That's not IT issuing you a new password, that's you changing it. The point is that biometrics are perfectly feasible as one of the two factors (instead of something you know) and can still be revoked.


I also don't leave my password on everything I touch.

Biometrics are a terrible idea. Password + token is much safer and infinitely revokable. And the server can even tell when an HOTP device has been cloned.
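
How a server can notice a cloned HOTP token, as claimed in the comment above; this is an added example, not part of the thread. The `HotpVerifier` class, its window sizes and the "stale" result are assumptions made for illustration, and the secret is the RFC 4226 test secret.

```python
import hashlib
import hmac
import struct

RFC4226_SECRET = b"12345678901234567890"  # RFC 4226 Appendix D test secret

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP value for one counter (RFC 4226 dynamic truncation)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

class HotpVerifier:
    """Server-side state for one token (hypothetical class for this example)."""

    def __init__(self, secret: bytes, look_ahead: int = 5, look_behind: int = 20):
        self.secret = secret
        self.next_counter = 0  # lowest counter the server has not yet accepted
        self.look_ahead = look_ahead
        self.look_behind = look_behind

    def _match(self, code: str, counters: range):
        submitted = code.encode("utf-8")
        for c in counters:
            if hmac.compare_digest(hotp(self.secret, c).encode(), submitted):
                return c
        return None

    def verify(self, code: str) -> str:
        # Normal login: the code is at, or slightly ahead of, the server counter.
        hit = self._match(code, range(self.next_counter, self.next_counter + self.look_ahead))
        if hit is not None:
            self.next_counter = hit + 1  # every counter up to `hit` is now consumed
            return "ok"
        # A code for an already-consumed counter: a replay, or a second device
        # holding the same secret has moved the server counter past this one.
        start = max(0, self.next_counter - self.look_behind)
        if self._match(code, range(start, self.next_counter)) is not None:
            return "stale"  # reject and raise an alert for investigation
        return "invalid"

def demo() -> list:
    """Constructed scenario: a clone logs in twice, then the original is used."""
    server = HotpVerifier(RFC4226_SECRET)
    clone = [server.verify(hotp(RFC4226_SECRET, c)) for c in (0, 1)]
    original = server.verify(hotp(RFC4226_SECRET, 0))  # original still at counter 0
    return clone + [original, server.verify("000000")]
```

With 6-digit codes a random wrong guess has a small chance of matching one of the past counters, so a "stale" result is a signal to investigate rather than proof of cloning.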


That, and not the revocability, is the core of the problem. It also comes back to a foundation of security: something you have and something you know.

Personally, I think most biometrics are bunk, unless you use multiple (fingerprint, iris, etc) along with some kind of password.


Super Glue and Silly Putty


A white-hot knife to the finger?



