All sounds great until you lose your phone or FIDO device, or it’s stolen, or your facial login is spoofed but still probably pretty great on the whole when combined with other methods.

  • MutatedBass@lemmy.world
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    I am certainly no expert but I think conceptually they are neat so long as there is another way to access the account if, like you say, you lose the device or something else happens. In the current world of social media and AI, facial login would seem to me to be the furthest thing from secure.

    • 🇺🇦 seirim @lemmy.proOPM
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      Agreed, they fall into the “something you have” category which is great because it’s harder for a bad actor to obtain them, like they could obtain 2FA keys in some way, example, nullifying their value. But as long as there is a failsafe backup way like you say I like it.

      • thejoker8814@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Biometric authentication methods are in general not very secure. Besides the fact there are a whole lot of procedures to fake/ spoof the biometric data. Once breached - you can not change your biometrics that easy. Keys and passwords can easily be replaced.

        Further, if you use biometric auth for a lot of services you open your self to a single point of attack - that is pretty similar using the same password for many services. And we don’t do that!