Hacker News new | comments | show | ask | jobs | submit login

And I think that's the main problem with it. People think that it's actually a true replacement for a password, even though it's not.



Give me a real world scenario where this distinction matters and affects real outcomes. For real users, not people who are trying to protect themselves from the CIA.


You have your phone in your pocket, I want to access your data.

With touch unlock, all I need is my buddy to hold you for 3 seconds while I twist your arm and unlock the phone.

With passcode unlock, getting the password out of you will take some more effort.

Oh, and in this scenario, I can be a thief, or a police officer, or a borders agent, or an abusive husband, or many other things :)


> With passcode unlock, getting the password out of you will take some more effort.

Given that there are two people, capable of violence, against the phone owner I'm not sure that getting the password is going to be that much trouble.


Forcing someone to put their finger on a phone is a matter of seconds. No matter how you put it, getting a password is harder and lengthier.


Getting a password requires consent, even if it's under duress. Getting your finger doesn't require you to agree with anything.


If you use that fingerprint code, any thief that steals your phone and wants your data will have it. It offers no protection at all.

Now, if you arguee that no thief will ever want your data (and you'd be probably right), it doesn't matter if you lock your phone or not, and it won't matter how you do that. In this case, locking schemes are completely useless.

(Now, I'd be content with a fingerprint reader that recognizes a finger - any finger - and unlocks the phone. It's enough protection if my pocket can't defeat it. Unlocking only by specific fingerprints looks like a pain, nobody else will be able to unlock my phone? Thanks, but I'll pass that.)




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: