

Computer login with password only, without username - laurent123456
http://ux.stackexchange.com/q/32953/7235

======
rogerbinns
A solution no one suggested is using a fingerprint scanner to log in, as they
usually test against all possible local users, and are extremely convenient to
use. Face scanners have similar properties.

There are certainly issues with them, and like all things security there are
some tradeoffs to be made. Since the users are local, things are inherently
less secure anyway (password entry can be observed, hardware keyloggers can be
easily hidden, chances are you can boot a live CD and inject any software you
want).

As an example my Lenovo laptop has fingerprint recognition and Android devices
have face recognition.

~~~
aaron695
My understanding is you still need a username with fingerprints etc. Well, at
least in a corporate environment. So they don't change the original question.

What if the fingerprint algorithm overlaps two people? You suddenly can access
someone else's account without trying. I.e. fingerprints burnt off/similarly
damaged through chemo.

Also a fingerprint attack without username simultaneously attacks all users
at once.

Not saying with the right tech a fingerprint might be good enough without a
username, but my understanding is it's not done and whether it can be is a
similar question to the original question.

~~~
rogerbinns
> My understanding is you still need a username with fingerprints etc.

The fingerprint software (Lenovo's at least) scans all enrolled accounts. You
do not select your user account - you just scan an enrolled finger and it
figures out the correct user.

> Well at least in a corporate environment.

The original question wasn't asking about thousands of users but rather a
small location (e.g. a small office or a home). That said, Lenovo's fingerprint
software does support "enterprise" use where the signatures can be centrally
stored and redistributed to relevant machines. Note that I would never use or
advocate that.

> What if the fingerprint algorithm overlaps two people. You suddenly can
> access someone else account without trying.

Fingerprints are unique! The scanners are high resolution. Your fingerprints
are always going to match your stored ones with the highest confidence.

> fingerprints burnt off/similarly damaged through chemo

You enroll multiple fingers. And yes someone with them completely damaged
would have to revert to typing their password.

> Also an fingerprint attack without username simultaneously attacks all users
> at once.

You forgot the initial constraints. This is a local office/home where users
have local access. Doing an attack via fingerprint is the hardest way of doing
a compromise. As I pointed out, you could just observe someone typing their
password (directly or via a camera in the same room), you could plug a
hardware keylogger in and no one is likely to see it, you could boot into a
live CD and install attack software of your choice, and the list goes on. Heck,
you could probably just ask any of your family/coworkers for their passwords
and they'd likely tell you!

------
pbiggar
Don't take UX advice from security professionals, and don't take security
advice from UX professionals.

~~~
arcatek
Could you explain what is wrong in the Stack Exchange answer ?

~~~
pbiggar
Sure. Let's ignore that this was for a 2-10 person device as asked in the
question, as I think most of the answerers also ignored this.

Suppose your credentials are USERNAME and PASSWORD. What is the security
difference between this, and having a single credential, which is
USERNAMEPASSWORD? If USERNAME is known, none. (There are of course UX things,
like sending password reminders, but interestingly enough, the answers were
nearly all about security, not UX).

~~~
aaron695
I'd agree. None of the answers seem close to correct.

It is an interesting idea.

I had a small site without compulsory passwords just email address.

Idea being you'd suck more users in this way (data was not a real security
issue), and emails are unique. Let the user add a password if they want.

It never got popular, so no idea how it would go. Griefing might be an issue.

But back to the point, it's a risk management issue. What's the return on no
passwords and what's the risk.

Flatmates can rob my room if they are evil. So I don't consider a small
security issue on password overlaps a problem.

Really Microsoft considers a computer compromised once the attacker has
physical access anyway.

I do however want a small barrier to them reading my emails etc. (Something
about temptation)

Perhaps there's issues with teaching bad habits (UX), perhaps it'd confuse
users (UX). Perhaps like all projects it goes from 2-10 users to hundreds. This
is more what should be discussed.

