• boredsquirrel
    link
    fedilink
    English
    36 months ago

    Something you know, something you have, something you are.

    3FA:

    • Pin
    • Security Key/TPM/Secure element
    • fingerprint / iris scan

    You could also start with just one of these

    • @[email protected]
      link
      fedilink
      English
      36 months ago

      fingerprint / iris scan

      Nope, I’m out. I’m not giving my unchangeable biological data to the Computer Gods because A) Fuck that and B) the police in my country can compel the use of biometrics to unlock things but cannot compel you to give up your pass as it is protected by the first amendment. Yes I think the bios should be protected too but that isn’t the reality in which I live.

      • @FutileRecipe
        link
        English
        4
        edit-2
        6 months ago

        Nope, I’m out.

        From the person you replied to, emphasis mine:

        You could also start with just one of these

        • @[email protected]
          link
          fedilink
          English
          2
          edit-2
          6 months ago

          I’m cool with non-biometrics.

          (Though “3fa” and “could also” does imply he meant to use all three in concert, but that “just one” would be better than none.)

      • boredsquirrel
        link
        fedilink
        English
        1
        edit-2
        6 months ago

        Yeah that factor may not be wanted. But it is a security factor, because only you have it.

        You could hash it securely so the computer gods dont know your fingerprint. And you could only use it in addition to another factor.

    • Venia Silente
      link
      fedilink
      English
      16 months ago

      Isn’t the idea that not everyone has access to your biometrics?

      There’s honestly no need to make computers ask people for piss scans:

      something you know

      A password

      something you have

      Access to the password

      something you are

      The person who knows the password

        • Venia Silente
          link
          fedilink
          English
          16 months ago

          But that can be said of any of the other such called factors:

          A yubikey can be stolen

          A fingerprint can be scanned and distributed

          So its not really an argument against passwords (or passkeys, or passwordless, or whatever marketing want to call them these days).

          • @[email protected]
            link
            fedilink
            English
            25 months ago

            My yubikey can be stolen but good luck guessing my PIN in the 3 to 9 tries allowed before it self destructs.

            • Venia Silente
              link
              fedilink
              English
              15 months ago

              luck? I have a $5* wrench.

              * (Actually a $7 wrench. Inflation is murder around here.)

          • boredsquirrel
            link
            fedilink
            English
            26 months ago

            Most people just need to fear their passwords being cracked remotely. In masses.

            If your threat model is being known, people stealing your stuff to login to your things, this is very high.