From owner-freebsd-security Wed Jun 19 7:20:33 2002 Delivered-To: freebsd-security@freebsd.org Received: from laptop.tenebras.com (laptop.tenebras.com [66.92.188.18]) by hub.freebsd.org (Postfix) with SMTP id 9D0D837B412 for ; Wed, 19 Jun 2002 07:20:27 -0700 (PDT) Received: (qmail 12546 invoked from network); 19 Jun 2002 14:20:25 -0000 Received: from sapphire.tenebras.com (HELO tenebras.com) (66.92.188.241) by 0 with SMTP; 19 Jun 2002 14:20:25 -0000 Message-ID: <3D109329.8050007@tenebras.com> Date: Wed, 19 Jun 2002 07:20:25 -0700 From: Michael Sierchio User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.0.0) Gecko/20020607 X-Accept-Language: en-us, en, fr-fr, ru MIME-Version: 1.0 To: Dag-Erling Smorgrav Cc: Eric F Crist , 'Ryan Thompson' , freebsd-security@FreeBSD.ORG Subject: Re: Password security References: <000c01c2174c$5a38f230$77fe180c@armageddon> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Dag-Erling Smorgrav wrote: > 1) Biometrics can't be used reliably for remote access. There are zero-knowledge protocols for secure remote use of biometric data. > 2) I don't know of any currently available biometric authentication > device that can't be easily fooled. Somewhat misleading -- any biometric method of identification has false positives and false negatives. For software engineers, this seems unacceptable, since we're used to boolean values for Truth. It's very useful for two-factor (or n-factor) authentication -- I have no idea how extensive your familiarity with biometric methods is, but several are quite promising. Some of the better ones (hand geometry) aren't suited to embedding in a laptop... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message