Why shouldn't MS Fingerprint reader not be used to protect sensitive data?

anonymous · Dec 16, 2004

http://www.microsoft.com/hardware/mouseandkeyboard/features/fingerprint.mspx
last paragraph.

Frustrated with the bounty of passwords, I thought the fingerprint reader
would be a good idea for important passwords, like the ones for financial
data. Why not?

Bob I · Dec 16, 2004

Cause it's way too easy to spoof/curcumvent them.

JerryMouse · Dec 16, 2004

anonymous said:
http://www.microsoft.com/hardware/mouseandkeyboard/features/fingerprint.mspx
last paragraph.

Frustrated with the bounty of passwords, I thought the fingerprint
reader would be a good idea for important passwords, like the ones
for financial data. Why not?

The do-bads will cut off your finger to gain access.

Al Dykes · Dec 16, 2004

The do-bads will cut off your finger to gain access.

Can't speak to the MS device (this is the first I've heard of it)
but a fingerprint reader made by another company claims to address
this problem. I didn't have the stomach to ask for details.

I don't know how a fingerprint reader could block replay of data.

Take a look at this;

http://www.rsasecurity.com/node.asp?id=1157

Bob I · Dec 16, 2004

Al said:
Can't speak to the MS device (this is the first I've heard of it)
but a fingerprint reader made by another company claims to address
this problem. I didn't have the stomach to ask for details.

I don't know how a fingerprint reader could block replay of data.

Take a look at this;

http://www.rsasecurity.com/node.asp?id=1157

The "cold finger" problem is easily circumvented with an infra red source, see light bulb, halogen or otherwise

Alexander Grigoriev · Dec 19, 2004

Remember "Die another day"? they cut the palm off with a laser.

Alexander Grigoriev · Dec 19, 2004

The main part of identity is a mind. The one who remembers things and makes
decisions. Even a live finger doesn't constitute an identity.

Barry Watzman · Dec 19, 2004

ATM machines in South Africa use fingerprints instead of pin numbers.
When the business of cutting off fingers first occured (yes, it did
happen a few times), the readers were modified to only work with a
"live" finger.

Really, in any normal application, this is a non-issue. If someone is
holding a gun to your head, you are likely to tell them your password.
Most of us, however, are not trying to deal with a "threat environment"
that even encompasses lethal force and physical violence.

How to contact Tech Support - MS Fingerprint Reader	2	May 2, 2007
Re: How to decrypt files without the EFS Certificate	4	Aug 19, 2010
USB Security Keys are they a good idea ?	5	Jan 26, 2017
Can I somehow password-protect pre-import CSV files?	12	Feb 24, 2007
MS Word 2007 .dotx can not remember Password protection on re-open	4	May 19, 2007
Why does MS force me to reactivate XP PRO?	30	Aug 16, 2008
Data Access Page \| Why use this feature?	3	Aug 10, 2009
Outlook data files should be encrypted	3	Nov 11, 2008

Why shouldn't MS Fingerprint reader not be used to protect sensitive data?

anonymous

Bob I

JerryMouse

Al Dykes

Bob I

Alexander Grigoriev

Alexander Grigoriev

Barry Watzman

Ask a Question

Similar Threads