Use of biometrics to speed up and avoid keyloggers

TonkaGD
TonkaGD
Community Member
in Mac

Hello, we use 1P since i can remember.
We recently took some IT hacking/security class to show staff how hacks are made and how they can be avoided.

The main concerns were speed taken to unlock 1P
We are into IT MSP, so we login to different services A LOT trust me :(

We thought biometrics would be great, so it would speed the process a lot, and bypass a "compromised" machine with a keylogger, which is the aquiles heel in my humble opinion.

Recently a media guy dared some hackers to hack his mac, and what the ethical hacker did to proof his dare was grab the 1P password. ... you can imagine the rest of the story.

Is there a way we can incorporate a thumb reader? facial? into 1?

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Megan
    Megan
    1Password Alumni

    Hi @TonkaGD,

    Thanks so much for the suggestion here! Now, I'm not a security expert, but I know that our security guru has talked about biometrics a fair bit on these forums. This post in particular points out why we should be cautious around biometrics:

    "I should also note that biometrics are not very good authentication systems. Even Hollywood scriptwriters know what is wrong with them. They are vulnerable to replay attacks. Someone lifts a finger print (not nearly as easy as it is in the movies, but it can be done), records an overheard voice command, takes a high quality photo of someone's eye, etc.

    Also, unlike passwords, you can't change your fingerprint if you discover that someone has made a copy. So outside of very limited circumstances, biometrics are more gimmick than actual security. (I do think that TouchID in the iPhone is a good thing for what it is designed to do, but it wouldn't be a good thing for other applications."

    And really, once a machine has been compromised, it really shouldn't be trusted at all.

    Of course, we never say never, and it will be interesting to see how biometrics develop in the coming years. We have definitely had requests from other users for some sort of quick unlock for Mac, and it is something that we're looking into, but I can't say more than that at this time. But I'm happy to pass your request along to our development team. :)

This discussion has been closed.