I'm not thick. I know it doesn't sound like much of a boast, but I'm pretty competent at this whole adulting lark. But it appeared that I had forgotten a 4-digit number I'd set up less than a minute ago! The security guard smiled wearily at me. "It happens to everyone!" she said. Which, [...]
A little rant for this Saturday about a stupid usability problem which will never get fixed.
For my local computer password, it will likely be the same pattern until I die. For Internet services I just use a password manager. Local accounts don’t seem like a major attack vector as they once were. Maybe I’m wrong about that though.
The biggest potential issue is if your local password can be used to log in remotely.
I am definitely coming to the conclusion that in the long run, we’re going to end up using something that looks a fair bit like Webauthn / Passkeys for most things that care about security, with something as additional local authentication.
There are technical reasons why passwords / passphrases are useful, but there is a lot of research that shows just how horrible they are both from a security perspective and from a usability perspective.
Biometrics are… convenient, but only useful in low security applications*, and are almost impossible to use for things like unlocking your phone after it reboots**.
A separate physical object would work really well in some cases, like a desktop computer, but it wouldn’t work at all for something like your cell phone. Or even a laptop. The object would be stolen along with the device it secures.
I’m really not sure what the long term answer even looks like, but I do hope that it’s not passwords or the like.
*: You can’t easily change any of your biometrics, but you can most definitely capture someone’s biometrics, and then duplicate them to gain access to something. It wouldn’t be practical to do this every single day, but just to gain access to something once or twice? Easy enough.
**: The short version: Your PIN / Passphrase / Password / Pattern gets fed into a hashing function of some sort, like PBKDF2, which eventually spits out something that can be used to decrypt the key used to encrypt all the data on the device. But this requires a static value, and biometrics are all about fuzzy matches to other patterns.
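The key-unwrapping chain described in that second footnote, as an added illustration that is not part of the comment above or of any real device's implementation: a PIN goes through PBKDF2 to produce a key-encryption key (KEK), the KEK unwraps the data-encryption key (DEK), and the same chain fails outright when the input differs by a single bit, which is why a fuzzy biometric match cannot be fed into it directly. The salt, the PIN, the biometric "template" bytes and the HMAC-based wrapping scheme are all constructed for the example (real systems use AES key wrap and hardware-bound derivation with far more work per guess).

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed parameters for the illustration; production key derivation on a phone
# is slower and bound to a secure element, and the salt is random per device.
PBKDF2_ITERATIONS = 100_000


def derive_kek(secret: bytes, salt: bytes) -> bytes:
    """Turn a static secret (PIN, passphrase, pattern) into a 256-bit key-encryption key."""
    return hashlib.pbkdf2_hmac("sha256", secret, salt, PBKDF2_ITERATIONS, dklen=32)


def _keystream(kek: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 PRF expansion (HKDF-expand style) used as a stream for the wrap."""
    out = b""
    counter = 0
    while len(out) < length:
        counter += 1
        out += hmac.new(kek, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]


def wrap_dek(kek: bytes, dek: bytes) -> bytes:
    """Encrypt-then-MAC the DEK under the KEK. Output: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(dek, _keystream(kek, nonce, len(dek))))
    tag = hmac.new(kek, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap_dek(kek: bytes, blob: bytes) -> Optional[bytes]:
    """Return the DEK, or None if the KEK is wrong (wrong PIN) or the blob was tampered with."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(kek, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(kek, nonce, len(ct))))


def demo() -> dict:
    """Run the unlock chain with a PIN and with a biometric-style template."""
    salt = b"constructed-demo-salt"      # constructed; a device would use a random salt
    dek = secrets.token_bytes(32)         # the key that actually encrypts the data partition

    # PIN path: exact input unlocks, a transposed digit does not.
    pin_blob = wrap_dek(derive_kek(b"4821", salt), dek)

    # Biometric path: a constructed 256-bit "template"; a sensor reading that matches
    # all but one bit is a perfectly good fuzzy match but a completely different KDF input.
    template = bytes.fromhex("a5" * 32)
    near_match = bytes([template[0] ^ 0x01]) + template[1:]
    bio_blob = wrap_dek(derive_kek(template, salt), dek)

    return {
        "correct_pin_unlocks": unwrap_dek(derive_kek(b"4821", salt), pin_blob) == dek,
        "wrong_pin_unlocks": unwrap_dek(derive_kek(b"4812", salt), pin_blob) == dek,
        "exact_biometric_unlocks": unwrap_dek(derive_kek(template, salt), bio_blob) == dek,
        "near_match_biometric_unlocks": unwrap_dek(derive_kek(near_match, salt), bio_blob) == dek,
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The last result is the point of the footnote: the one-bit-off template is exactly the kind of input a fingerprint or face matcher would accept, yet it derives an unrelated KEK and the unwrap fails. That is why a phone must take the static secret once after reboot before it can offer biometrics, which then only release a key that is already sitting unwrapped in secure hardware.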
Yeah, typically with local passwords they can only be used to log in remotely if you specifically enable those services. In those cases, I consider it not to be a local password anymore, since it’s not just local to your machine.