

The End of the Password Age - sdaityari
http://www.sitepoint.com/end-password-age/

======
geoffsanders
While I completely agree with you that the end of the password age has
arrived, I disagree that biometrics is the solution; at least not on a broad
level.

The problem with biometrics isn't a matter of its ability to authenticate an
individual; they make great credentials. Rather, the problem is that once that
uniquely personal data is leaked or hacked (in security, we must always plan
for future malicious attacks/vulnerabilities), you can't simply replace or
revoke those credentials. e.g. Say a cloud service holds a copy of one of your
fingerprints. If that data gets leaked, you can't simply remove or replace
your fingerprint. What happens when you've lost all 10 of your fingerprints to
hackers?

In reality, biometry is so powerful that we must be responsible in how we
employ this most intimate form of identification. Using biometry within truly
closed systems (think iPhone 5s TouchID) is the only responsible way to
utilize biometry, as the data is encrypted and stored locally in a partitioned
drive, and made unavailable to everything else. Of course, this architecture
generally limits usage to the device it's on.

My last point is that you don't need biometry for true multi-factor
authentication (MFA), which is what everyone should be striving for. Biometric
factors are also known as inherence factors (something you inherently are),
which means you can replace biometric factors with inherence factors like
geofencing (your location on this planet is something inherent only to you).

You should look into services like LaunchKey
([https://launchkey.com](https://launchkey.com)) or view the FIDO Alliance
([https://fidoalliance.org](https://fidoalliance.org)) to see what the next
generation of authentication looks like.

~~~
maxerickson
It's an April Fool.

Anyway, I don't think it makes any sense to treat fingerprints (especially,
but other biometrics too) as sensitive. It's a repeat of the social security
number fiasco, except it's worse, we leave them everywhere we go.

