• boredsquirrel@slrpnk.net
    link
    fedilink
    English
    arrow-up
    4
    ·
    6 months ago

    Something you know, something you have, something you are.

    3FA:

    • Pin
    • Security Key/TPM/Secure element
    • fingerprint / iris scan

    You could also start with just one of these

    • ArcaneSlime@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      5
      ·
      6 months ago

      fingerprint / iris scan

      Nope, I’m out. I’m not giving my unchangeable biological data to the Computer Gods because A) Fuck that and B) the police in my country can compel the use of biometrics to unlock things but cannot compel you to give up your pass as it is protected by the first amendment. Yes I think the bios should be protected too but that isn’t the reality in which I live.

      • FutileRecipe@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        6 months ago

        Nope, I’m out.

        From the person you replied to, emphasis mine:

        You could also start with just one of these

        • ArcaneSlime@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          6 months ago

          I’m cool with non-biometrics.

          (Though “3fa” and “could also” does imply he meant to use all three in concert, but that “just one” would be better than none.)

      • boredsquirrel@slrpnk.net
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        6 months ago

        Yeah that factor may not be wanted. But it is a security factor, because only you have it.

        You could hash it securely so the computer gods dont know your fingerprint. And you could only use it in addition to another factor.

    • Venia Silente@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      6 months ago

      Isn’t the idea that not everyone has access to your biometrics?

      There’s honestly no need to make computers ask people for piss scans:

      something you know

      A password

      something you have

      Access to the password

      something you are

      The person who knows the password

        • Venia Silente@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          6 months ago

          But that can be said of any of the other such called factors:

          A yubikey can be stolen

          A fingerprint can be scanned and distributed

          So its not really an argument against passwords (or passkeys, or passwordless, or whatever marketing want to call them these days).

          • boredsquirrel@slrpnk.net
            link
            fedilink
            English
            arrow-up
            2
            ·
            6 months ago

            Most people just need to fear their passwords being cracked remotely. In masses.

            If your threat model is being known, people stealing your stuff to login to your things, this is very high.

          • AlwaysTheir@lemmy.one
            link
            fedilink
            English
            arrow-up
            2
            ·
            6 months ago

            My yubikey can be stolen but good luck guessing my PIN in the 3 to 9 tries allowed before it self destructs.