Web Dev full-stack [LAMP] since 2005, but much heavier on the JS stuff these days.
Jack of all Stacks, Master of some.
Always looking to learn new things. Always glad to help out, just ask.
Location
Atlanta, GA
Education
B.S. in Biochemistry 2004, M.S. in Computer Information Systems 2007
The fingerprint / face is used to access a protected (cryptographic) key stored on the device. In other words, as an attacker, you would first need to get your hands on the phone/laptop/other of the person you are trying to impersonate. ... And if you are able to fool the local authentication, you basically have all the rights on the device anyway.
Hi. There was still the question pending of "Why not login with google?" that I did not really answer. The response is a little late because it did not really fit as a comment, but I tried my best to answer it in the last section of my latest post ;) dev.to/dagnelies/passwordlessid-fi...
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Love the idea, hope you can turn it into something widely used.
However, aren't fingerprints and face recognition easily fooled currently?
I much prefer typing in my email address for example and using "login with google" currently and relying on google to not get hacked :)
Thoughts?
The fingerprint / face is used to access a protected (cryptographic) key stored on the device. In other words, as an attacker, you would first need to get your hands on the phone/laptop/other of the person you are trying to impersonate. ... And if you are able to fool the local authentication, you basically have all the rights on the device anyway.
Hi. There was still the question pending of "Why not login with google?" that I did not really answer. The response is a little late because it did not really fit as a comment, but I tried my best to answer it in the last section of my latest post ;) dev.to/dagnelies/passwordlessid-fi...