Your eyeball is your USER ID! (Score: 3, Informative) by Anonymous Coward on 2014-07-27 14:19 (#2NR) Mistaking user ID for password has the potential for bodily harm. Didn't anyone see Minority Report? Do you really want to create a world where criminals want to steal your eyeballs? Thinking of biometrics as a replacement for passwords is one of the STUPIDEST and MOST DANGEROUS of all security mistakes!User ID: Public, anyone can copy it, never changes, but you don't try to keep it secret because no one can hurt you with it; they would need your password.Password: Secret, no one else should see it, must be replaced every six months.You really want to replace your eyeballs every six months? THINK dammit before you spout nonsense. Re: Your eyeball is your USER ID! (Score: 1) by bryan@pipedot.org on 2014-07-28 22:52 (#2PD) Indeed. Biometric login supporters always get this wrong and is one of my personal pet peeves. Fingerprints and retina scans are not passwords! In terms of login, you can narrow information sources into two simple categories.Things you haveName (or username)Email addressFingerprintRetina ScanSimple ID CardThis first list is mainly public information that nearly anyone can obtain (or guess) to use as a unique identifier. Nothing on this list should ever be used as a "password substitute."Things you knowPassword (or PIN)Shared secretThis second list is secret information that is not public or easily obtainable. These are the things that could be used as a password.To improve security, simply include an element from each list. A common example is: withdrawing cash from an ATM requires both a card and a PIN. Re: Your eyeball is your USER ID! (Score: 1) by spacebar@pipedot.org on 2014-07-29 13:12 (#2PS) I think it's more commonly divided intoYou havePhysical item that must be used (ie a key)You areBiometrics (fingerprints, eyeballs, etc)You knowA password
Re: Your eyeball is your USER ID! (Score: 1) by bryan@pipedot.org on 2014-07-28 22:52 (#2PD) Indeed. Biometric login supporters always get this wrong and is one of my personal pet peeves. Fingerprints and retina scans are not passwords! In terms of login, you can narrow information sources into two simple categories.Things you haveName (or username)Email addressFingerprintRetina ScanSimple ID CardThis first list is mainly public information that nearly anyone can obtain (or guess) to use as a unique identifier. Nothing on this list should ever be used as a "password substitute."Things you knowPassword (or PIN)Shared secretThis second list is secret information that is not public or easily obtainable. These are the things that could be used as a password.To improve security, simply include an element from each list. A common example is: withdrawing cash from an ATM requires both a card and a PIN. Re: Your eyeball is your USER ID! (Score: 1) by spacebar@pipedot.org on 2014-07-29 13:12 (#2PS) I think it's more commonly divided intoYou havePhysical item that must be used (ie a key)You areBiometrics (fingerprints, eyeballs, etc)You knowA password
Re: Your eyeball is your USER ID! (Score: 1) by spacebar@pipedot.org on 2014-07-29 13:12 (#2PS) I think it's more commonly divided intoYou havePhysical item that must be used (ie a key)You areBiometrics (fingerprints, eyeballs, etc)You knowA password