biometrics
lynn.wheeler at firstdata.com
lynn.wheeler at firstdata.com
Tue Jan 29 17:12:20 EST 2002
in the most recent PC magazine (2/12/2002) on the stands ... there is an
article "Why Passords Don't Work" (pg. 68
In the article they repeat the recommendation that you never use/register
the same shared-secret in different domains ... for every environment you
are involved with ... you have to choose a different shared-secret. One of
the issues of biometrics as a "shared-secret password" (as opposed to the
interface between you and your chipcard) is that you could very quickly run
out of different, unique body parts.
there are large number of different ways of havesting shared secrets (pin,
password, or biometric) ... the issue isn't so much whether or not pin,
passwords, or biometrics can be harvested .... it refers to the business
process distinction between "shared-secret" passwords, pins, or biometrics
registered in various databases ... and "secret" passwords, pins, or
biometrics that aren't registered in various databases.
sidney at sidney.com on 1/26/2002 10:47 am wrote:
4
Shared "secret"? People don't leave a copy of their PIN on every water
glass they use.
-- sidney
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list