undefined | Better HN

0 pointsdustinmoris6y ago0 comments

What is the compromise? What is insecure about me being me? Either we talk past each other not understanding each other's point, or I feel like you profoundly misunderstand the reason for people using username/password for authentication nowadays?

With most things you need to authenticate to gain access. Authentication is only trying to solve one question - identifying that a person is who they say they are. If I walk home and my wife sees me, she can identify me immediately by simply seeing my face and other biological attributes which gives her 100% certainty that I am who I am, therefore she doesn't question me on entering the house or calls the police.

If I was to go through some top secret lab experiment which would change my look (make me younger by 10 years or something) then I'd struggle to walk home and convince my wife that I am me without providing additional evidence, like sharing some secrets which only she and I know and we know that nobody else would know.

With technology so far we didn't have the ability to identify someone as confidently and as fast via biometrics (like my wife does) as via other means, which is why a few decades ago we had to invent a workaround, namely username and password - which is a secret that hopefully only me and the website knows. This was to date the best way to identify someone, but times are changing fast, as as biometric identificaiton via technology is advancing fast, we are more and more removing the need of username + password for authentication.

Hope now my point makes sense.

0 comments

NeedMoreTea6y ago

A biometric identifies you. An identity does not inherently authenticate you.

Identification is knowing which account to log in. dustinmoris, User123 or user124.

That alone is useless, as anyone who knows your name could log in. So we need to add security to authenticate you. To authenticate with reasonable certainty that the person accessing dustinmoris actually is Dustin Moris, at this moment willingly accessing their own account, willingly transferring £1m to NeedMoreTea. :)

Now, it's certainly true that biometrics are uniquely associated with you, but prove identity not authentication - bear with me here.

You leak DNA and fingerprints all over the place, constantly. Fingerprints have even been picked up from photos. That makes fingerprints surprisingly weak authentication. Face IDs have been fooled by video and photos. I'm not at all current on what the state of the art on FaceID hacking and devices is, so can't say more there. In a police interview they can place your thumb on the phone or wave phone under your face. Maybe borrow your thumb while you sleep to transfer that £1m. The bank will say you fully authenticated it, in their highly secure app, you will deny it.

In combining biometrics as identification and authentication we've compromised the system. It does not give certainty, or even especially high confidence. If motivated, anyone in your office could lift a print while you're out. Computer or phone says Dustin Moris is believed awake and accessing, but you're certainly not doing so willingly, nor can you resist if just a touch or look unlocks. In this context, your wife might easily pick up on whether you were willing in a police interview or not, the phone can't, because mere identification is the unlock.

With a password they have to persuade you to reveal it. It is very easy to not leak passwords accidentally on PostIts, and manage the complex with a password manager. The police can certainly beat it out of you, but most places are supposed to have rules against that. Many places actually honour those rules. A judge might question the bruises and missing teeth.

For a lot of people that's a fine distinction that doesn't matter, the convenience of it probably being you willingly unlocking the phone with your thumb is good enough. If security actually matters, it's not.

Sorry that got a bit long.

kortilla6y ago

You highlight flaws in faceid, etc but passwords also have flaws.

- Fingerprints can be lifted from pictures. - Passwords can be forgotten and thus have seriously flawed reset schemes that often fallback to something as simple as having the right phone or backup code. - passwords can be lifted by keyloggers - passwords can easily be phished - passwords can be shared

Authenticating access can come from 1 or more of: something you know, something you have, something you are.

They each have flaws. They all do the same thing.

NeedMoreTea6y ago

They don't do the same thing. All the flaws in passwords can be avoided, the semi-public state of biometrics cannot.

Authenticating access, if you follow standard security practice, should be at least two of, and preferably all three of: something you know, something you have, something you are. Not one or more.

1 more reply

Dylan168076y ago

If we had technology that doesn't exist, we could have secure biometrics.

In practice the computer is just getting a picture, which is semi-public information, and that's why the only thing you can rely on is that it's an identifier. It's not enough to authenticate when you really need security, only in more casual situations.

j / k navigate · click thread line to collapse

0 pointsdustinmoris6y ago0 comments

Hope now my point makes sense.

0 comments

NeedMoreTea6y ago

A biometric identifies you. An identity does not inherently authenticate you.

Identification is knowing which account to log in. dustinmoris, User123 or user124.

Now, it's certainly true that biometrics are uniquely associated with you, but prove identity not authentication - bear with me here.

Sorry that got a bit long.

kortilla6y ago

You highlight flaws in faceid, etc but passwords also have flaws.

Authenticating access can come from 1 or more of: something you know, something you have, something you are.

They each have flaws. They all do the same thing.

NeedMoreTea6y ago

They don't do the same thing. All the flaws in passwords can be avoided, the semi-public state of biometrics cannot.

1 more reply

Dylan168076y ago

If we had technology that doesn't exist, we could have secure biometrics.

j / k navigate · click thread line to collapse