-={ The world through a looking glass }=-


Fingerprint as login is not a bad idea, but current implementation is

Today’s news has been about how bad an idea was to use fingerprint as a login mechanism (Ars Technica). Apple’s iPhone had a similar mechanism and it was broken in 48 hours by someone swiping a lifted fingerprint (Ars Technica, again). Mythbuster had an episode whereby the latest in fingerprint locks (fingerprint+pulse+heat+skin conductivity) was broken by having someone lick a plastic mold of a fingerprint

In short: Passwords can be changed, fingerprints can’t.

But I disagree that fingerprints can’t be used as a convenient way to grant authorized access. It’s only the current implementation made it simple and easy to break. Sure you leave fingerprints all over the place, and once someone has your prints it becomes impossible to change it. But no one say it has to be just 1 print per scan. 

A better way would be to adopt common good password practices, instead this time we apply it to number of fingerprint swipes.

  • Password length = fingerprint swipes
  • Password complexity = random fingers (we have 10, take a pick)
  • Password history = length + complexity combo history
  • Example: Fingerprint password of 3 length + complexity = Left Thumb -> Left Middle -> Left Pinky finger. 3 swipes.

This way even when someone has your prints they have no idea which finger you use, for how many swipes, or in what combination.

Problem solved.

Can you hear the echo in here?

Here is a blog that had existed when blogging was cool, having your own domain name is to rise up to the rank of God himself and everyone drools for a dSLR.

A blog that had existed for this long carries with it a load of emotional weight that I want to be rid of and thus a spring cleaning is in order.

I was lucky these are all in digital; imagine if they were in aged rubber band bound diaries and the only satisfying way of ‘deleting’ them involves a bottle of kerosene, a match and an escape plan for the inevitable fire in my backyard.

I’m not holding a sentimental value to each blog post, although I do find a gem here and there as I select them for purgatory. Mostly old chain emails and jokes and some thoughts I had pen down during my uni years (no such luck finding rough scribbles for facebook-social-network); most of which can now be realized as dreams of better role models / entrepreneurs and for the rest of old jokes, Googled.

There’s no archived old post section and it’s a waste of time anyway as my blog view are not as high as before so all those posts are gone. I feel lighter already!

So anyway this is a brand new post for a brand new start, new tags, new categories, new everything! It may also be a way for me to clear the room full of junk before I shut it down, who knows… let’s see if there’s a next post after this.


Get every new post delivered to your Inbox.