Can anyone explain to me why Apple refuses to enable multi-factor authentication on iOS devices? Especially those with fingerprint sensors built in, how hard could it be to ask for a PIN-code AND a fingerprint? I was always taught that passwords alone are insecure PERIOD. In fact, any SINGLE-FACTOR authentication is shite. A good security scheme includes: 1) Something you are (a fingerprint, picture, iris scna, etc) 2) Something you know (a password or passcode) 3) Something you have (an iPhone, or tokenized security product) replacing 1-factor security (something you know, a password) with 1-factor security (something you are, a fingerprint) doesnt make things safer... in fact, it just introduces new threat vectors to securing you phone. One possible threat vector to a single-factor biometric secured device, is an individual doesnt have to be cooperative (or even consciece) to access the data. For folks who run in my circles, that means anyone (police) can force your finger to unlock your phone. And for you smarty pants who say the phone counts as something you have, it doesnt. Just like a building doesnt count to get passed a locked door (you need a key, something else you have), We have the technology. If I want to access my phone I want to swipe my fingerprint AND type in a pin-code. I just do... Apple make it so!
Posted on: Fri, 12 Sep 2014 19:29:57 +0000