Whoever is guiding Apple’s TouchID implementation is severely misguiding Apple and the public who uses it.
The idea behind biometric security is that it is infinitely more difficult to crack than a PIN or Password. Where a password or passphrase in today’s marketing techno-lingo may be composed of eight or more ASCII characters, a biometric signature may have tens of thousands of combinations. Even a 30 character password cannot compete with such a combination. Not that it can’t be broken, but it would be more difficult and time consuming. And on a device that can lock and/or wipe itself after a number of incorrect tries, it should be IRRELEVANT.
( Now let me state for the record that a PIN in and of itself, does NOT constitute a password or passphrase in my opinion. If a vendor such as Apple or other security providers allow their users to consume PINs, I would allow for dual authentication on every boot. )
I also understand the reasoning behind dual token authentication. “I go to work and I can use dual tokens to sign in in the morning, and work all day. In a multi-tenant managed environment dual token is a great authentication method when managing different tenant infrastructures.”
I can also think of the following industries which can benefit:
- Nuclear plants
- Munitions depots
- Utility distribution grids
- Aircraft cockpits
I can also understand use of the dual token as implemented by Apple in the following circumstances:
- When booting, in a ‘motion-less‘ profile; that means NOT while in a moving vehicle, and not during physical movement such as walking. Those are dangerous activities to be engaged in while trying to enter a passphrase. Legislatures are passing law after law to curb such activities, while Apple is actively opposing the legislation.
If Apple wants to implement a dual authentication on boot then allow the user to set the elapsed time, say one to four weeks.
- Under no circumstances should dual authentication be required after a boot when using biometric authentication:
- Not when I’m shopping
- Not when I’m driving
- Not when I’m walking or jogging (not that I jog)
- And certainly not when I’m in line waiting to pay, unless the transaction is over a limit, I, the user has set
Lest anyone thinks I’m beating on Apple, I’m not. This applies to all security implementors in any company and product.
What do you think?