
As with many things, it depends heavily on what you're using it for. Not as pithy for a title though, I suppose.

No amount of information entered into a computer fully proves it's you and not someone else. A fingerprint provides some information, as does a password.

This sounds like a fairly useless distinction, but hopefully this will make sense:

If all we're doing is trying to prove we're us and not someone else, why do we need a username at all? What added bonus is gained from having a completely public bit of information?

Well that's because:

1. People are bad at picking passwords. If everyone picked a 2000 character random password and kept it secret, we'd not really need anything extra.

2. You can't inform people if they've picked the same authentication as someone else, so you prefix it with a per-user unique value which you let people know will be public.

I don't really see fingerprints as a username or a password. They're just another hint to the system that it's probably you, and you can use any combination of those three depending on what you actually care about.

For example:

I don't have a username on my phone to unlock it, just a password.

I have a username and password for HN.

I have a username, password and physical auth device for work-related logins.

The latter two are fairly obvious as differences in how important it is that I'm verified to be me, the former is because I mostly want my phone to distinguish between me and my pocket.

> But biometrics cannot, and absolutely must not, be used to authenticate an identity.

This is incredibly context dependent.

My pithy one liner:

All absolute statements are flawed.



I think that's all irrelevant. Passwords can be compromised and must be changeable - that alone makes fingerprints a bad choice.


A bad choice for what? Your fingerprint can only be used to access a particular device in the case of Touch ID. It is worthless if you don't also have physical access to the device. And it's a lot easier to tell if your device has been compromised because it means that you no longer possess it, in which case you can simply remote wipe it. To reiterate: Possession of your fingerprint alone does not allow someone to access your bank account or log into your webmail.


> Your fingerprint can only be used to access a particular device in the case of Touch ID. It is worthless if you don't also have physical access to the device.

Or any previous device you might have had with Touch ID. Unless you change your fingerprints when you get a new phone.

> And it's a lot easier to tell if your device has been compromised because it means that you no longer possess it, in which case you can simply remote wipe it.

Which can easily be subverted by simply disallowing the phone from connecting to the Internet. A "faraday bag" costs a few bucks. Assuming TouchID doesn't prevent you from logging in without Internet access, of course.


> Or any previous device you might have had with Touch ID. Unless you change your fingerprints when you get a new phone.

Or... You could wipe your old phone when you get a new one.

> Which can easily be subverted by simply disallowing the phone from connecting to the Internet.

Perhaps, but you know what they say: If a (determined) attacker gains physical access to your device, all bets are off. But at least you would know if you lost your device. A password OTOH could be compromised without you knowing.

Also, I am only saying that Touch ID is at least as secure as a username/password authentication scheme. If you want more security (perhaps because your adversary is someone who would go to the lengths of manufacturing a fake finger to fool a Touch ID sensor and also get a Faraday Bag to prevent you from wiping your device), then you should perhaps consider using 2-factor authentication.


> Or any previous device you might have had with Touch ID. Unless you change your fingerprints when you get a new phone.

Any previous unwired device that has not been power cycled and that was unlocked in the past 48 hours.

http://support.apple.com/kb/HT5949


What are they a bad choice for? Everything? You can't think of a single scenario where fingerprints could be useful as a form of authentication?



