Rotating Skull is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

If every decent software engineer knows that faces and fingerprints cannot be passwords because they're neither secret nor can you change them, then why does Apple, which is supposed to be a top-notch tech company, release features like that

@gargron mmmmmm I'm actually pretty happy with how TouchID is implemented from a security perspective. Your password is still required after any reboot or significant downtime, or for sensitive operations. It's not being used as a password, more as a proof of continued presence during inactivity.

Security is a usability/threat tradeoff and having TouchID enabled allows me to have a much longer password then would be practical normally. So overall it's a net positive.

Rotating Skull @rotatingskull

@nightpool @Gargron Why do I have to prove my continued presence?

ยท Web ยท 0 ยท 0