undefined | Better HN

0 pointsenriquepablo6y ago0 comments

> Anonymity is weakened if we tie authentication to biometrics.

I think you mean pseudonimity. There should be no authentication in anonimity.

> Something you know (as in password) is always theoretically more secure than something you are (your physical characteristics).

If you authenticate, you can use methods that are more or less secure. If you use a password method, and use a secret as password, it will be more secure than if you use a biometric as password.

But the security of the authentication method will bear no weight on the "pseudonimization" - meaning on the difficulty of linking the authenticated identity with your real, legal identity.

0 comments

Santosh836y ago

It's effectively like using one password for every app/site authentication. What if the hashes/keys leak out? Then how easy would it be to change your keys for other sites while still using the same biometrics?

j / k navigate · click thread line to collapse