I am not personally a fan of fingerprint readers on their own because
often they can be subverted (see Dustin's comment) and because I
generally don't like amputation-ware (I like all my parts where they are
now, thanks). That said, someone else may have a really good reader and
want to use it, and I'd have to agree with Roger that just because I,
Dustin and other security professionals don't find them useful for
passwords, that doesn't mean they shouldn't be supported, if those
interested want to put in the work.

Combining a fingerprint reader with other authentication mechanisms can
make things more secure. Eg, the fingerprint (something that uniquely
identifies you), with a password (something you know) and a smart
card/usbkey (something you have) would offer quite strong protection
(not to mention rather severe usability issues). In this scenario an
attacker needs to obtain three different tokens, which is likely more
difficult than two and certainly more than just one.

** Changed in: ecryptfs-utils (Ubuntu)
       Status: Won't Fix => Confirmed

-- 
add support for fingerprint readers in pam_ecryptfs
https://bugs.launchpad.net/bugs/255799
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to