undefined | Better HN

0 pointszeveb10y ago0 comments

A fingerprint cannot protect data, since it's both public and low-entropy. It can authenticate identity to someone who holds the data.

I.e., you cannot securely encrypt something with a function of your fingerprint: anyone can cycle through fingerprint representations and eventually get decrypt the data (or the key to the data). You can, however, authenticate yourself to someone (or something) which holds a plaintext encryption key, and once you have been given the key, decrypt the encrypted data. This only works if you can trust the person or thing to never give the key to an unauthenticated part. That only works with hardware, since any software which holds a key in plaintext can be examined to extract the key.

0 comments

1 comments · 1 top-level

Tepix10y ago

A fingerprint can offer some protection for your data, many times it will be sufficient protection and sometimes it will provide better protection than a weak password.

j / k navigate · click thread line to collapse