Login in the forum using your Finger Print

[AverageGlabella]

Worst idea ever I have seen on this forum. Fingerprints is very very sensitive thing for us. I don't know why we like to divert to decentralized system. Every information could be found about you relevant with fingerprints. Why should I provide my fingerprints in order to use forum? Sound isn't good really. Put your finger print on third party website expect government, there is high risk for you. You know why? I will give example below.

Although I agree with the idea being silly on a Bitcoin forum the idea of our fingerprints being sensitive is also a silly one. You leave your fingerprints all over where you go on a daily basis. Yet you are not worried about it are you? Its an extreme example but there has already been examples of those with Bitcoin being targeted for their fingerprints. Using your fingerprint for anything is a stupid way to access anything and only belongs in james bond movies and teenagers phones.

[1715312952]

1715312952

[1715312952]

1715312952

[1715312952]

1715312952

[r1s2g3]

How would it know which of my alts to use?

You still need to put the username there.

But I am wondering if your fingerprint data is copied then you lost the access from all accounts here. What will happen if you have injured your finger.

[sheenshane]

How would it know which of my alts to use?

You still need to put the username there.

But I am wondering if your fingerprint data is copied then you lost the access from all accounts here. What will happen if you have injured your finger.

That's the reason why we have 10 fingers right?

Each of them maybe you can use in having data when login here and may be useful. (Lol, that is probably abuse)

[xtraelv]

I'm just wondering if its possible to have this kind of system where you just need to scan your finger print and you will be login directly to your account.

I'm talking about this one using our mobile phones since most of the phone now have their own finger print technology, and i usually used my phone to work on this forum. Any violent reactions or any clarification are really appreciated. Thank you. 

Why would you want to give such private information away ? What is wrong with signing in with a complex password and 2FA for security ?

Do you really want a scan of your fingerprint circulating on the internet ?

Bitcointalk has been hacked three times already https://bitcointalk.org/index.php?topic=4405796.0

There have been 6 major exchange hacks already in 2019. Anything crypto is a target for hackers.

Besides - someone can easily replicate your fingerprint or intercept the data containing the digital version of your fingerprint.

[posi]

I'm just wondering if its possible to have this kind of system where you just need to scan your finger print and you will be login directly to your account.

The idea seems nice but the vulnerability involve is high and I think having a personal code or the implementation of google auth is still better.

I'm talking about this one using our mobile phones since most of the phone now have their own finger print technology, and i usually used my phone to work on this forum. Any violent reactions or any clarification are really appreciated. Thank you.  

The last time I checked it not most of the phone we have this days that have the finger print technology and implementing such finger print will hinder some people like myself.

[qwertyup23]

Even if such feature were to be implemented, I would not do it for the sake of convenience. I am not willing to sacrifice personal data for convenience. No matter how secure a network can be, it is still prone to malicious hacks and malware that can be accesses by anyone.

Imagine if the forum were to be hacked and they get a hold of each of every member's fingerprint.

[bitart]

This is already possible if you have an iPhone.

All you have to do is login to the forum using your password from your phone, and tell your iPhone to save your password. Your password will be saved to your keychain and when you access the login screen in the future, you will be prompted to use your saved password, and if you want to, you will be prompted to use your touch id to access your saved passwords in your keychain.

And in this case you can use the fingerprint safely, because when you use the touch ID, your fingerprints won't leave the iphone, it will just check them to give access to the password manager (at least, this is the Apple communication ) So they won't let any 3rd party app access the digital version of the fingerprint stored on the device (only the 3 letter government agencies )

[bones261]

Although I agree with the idea being silly on a Bitcoin forum the idea of our fingerprints being sensitive is also a silly one. You leave your fingerprints all over where you go on a daily basis. Yet you are not worried about it are you? Its an extreme example but there has already been examples of those with Bitcoin being targeted for their fingerprints. Using your fingerprint for anything is a stupid way to access anything and only belongs in james bond movies and teenagers phones.

   I totally agree. I am sure it is possible to lift someone's fingerprint and create some kind of prosthesis with a 3D printer. Although fingerprints have an advantage since they are unique to each individual, (even identical twins have different fingerprints,) I don't think it is feasible to start expecting people to wear gloves everywhere they go as a way to keep their fingerprints "secure." Using a fingerprint as a way to access accounts is about as secure as writing your password on a sticky and sticking it on your computer monitor.

[EcuaMobi]

Most users are posting the same cons against this without knowing how the technology works.
As I said, the fingerprint is not sent anywhere. And the username or email must be entered too.

Simplifying things: you can think of your fingerprint as the password that encrypts the private key used to sign a message. Only the public key (during registration) and the signed message (during logging in) is sent to the server along with the username or email. The private key and fingerprint is not sent, the same as your wallet password and address private keys are never sent anywhere.

Do check this site if you're interested (and do read it before posting here): https://webauthn.io/

[libert19]

I don't think it's even necessary, you just login once and save details your browser will take care of it, if you worried about security then you can use fingerprint as lock.

[goaldigger]

I'm just wondering if its possible to have this kind of system where you just need to scan your finger print and you will be login directly to your account.

I'm talking about this one using our mobile phones since most of the phone now have their own finger print technology, and i usually used my phone to work on this forum. Any violent reactions or any clarification are really appreciated. Thank you. 

This is only possible if someone is making an app version of the forum. I dont think its a burden if you are loging in using your username, password and reCaptcha everytime you want to visit the forum but getting an app will be much better. Also, your browser has its own history so you can log in without retyping. Dont be that lazy its a part of the job.

[btcsmlcmnr]

Even 2FA has not been high in to-do list of theymos, so I believe it is time to lock the topic. Fingerprint is too far from current prioritized things in theymos' to-do list. He likely has never had such idea on fingerprint, but something might pop up next April Fool.

That wouldn't eliminate the need for manual recoveries; it might even increase it as people lose their second factor. 2FA would be nice, but IMO the email notifications provide many of the same benefits, so it's not high on my to-do list.

[erikalui]

One thing would stop is fingerprint technology would be used that account sales would stop. It should only be used as an identifier and not password as last month only somebody was able to trick Samsung's device by inserting a fake password and he managed to unlock the device everytime without having to use his own fingerprint. Fingerprints can't be changed by the hacker but but can be copied. For exchanges, this could be useful too.

[Quickseller]

Although I agree with the idea being silly on a Bitcoin forum the idea of our fingerprints being sensitive is also a silly one. You leave your fingerprints all over where you go on a daily basis. Yet you are not worried about it are you? Its an extreme example but there has already been examples of those with Bitcoin being targeted for their fingerprints. Using your fingerprint for anything is a stupid way to access anything and only belongs in james bond movies and teenagers phones.

   I totally agree. I am sure it is possible to lift someone's fingerprint and create some kind of prosthesis with a 3D printer. Although fingerprints have an advantage since they are unique to each individual, (even identical twins have different fingerprints,) I don't think it is feasible to start expecting people to wear gloves everywhere they go as a way to keep their fingerprints "secure." Using a fingerprint as a way to access accounts is about as secure as writing your password on a sticky and sticking it on your computer monitor.

This is why it is only safe to use biometrics as an access medium when using a device that can protect against these types of attacks.

A website relying on third party devices to transmit fingerprint data is not going to work. However verifying fingerprint information locally will be much more secure.

As an FYI, it is not trivial to replicate a fingerprint so that it reasonably appears the same on a fingerprint scanner. What is much easier is transmitting the data from a fingerprint scanner showing the fingerprint is the same.

This is already possible if you have an iPhone.

All you have to do is login to the forum using your password from your phone, and tell your iPhone to save your password. Your password will be saved to your keychain and when you access the login screen in the future, you will be prompted to use your saved password, and if you want to, you will be prompted to use your touch id to access your saved passwords in your keychain.

And in this case you can use the fingerprint safely, because when you use the touch ID, your fingerprints won't leave the iphone, it will just check them to give access to the password manager (at least, this is the Apple communication ) So they won't let any 3rd party app access the digital version of the fingerprint stored on the device (only the 3 letter government agencies )

When you consent to a background check at most employers, you will have your fingerprints taken and transmitted to the FBI to cross reference against arrest records.

Also you leave your fingerprints ~everywhere, and the government could trivially get them by just following you around a little bit.

[bernardos]

I really dont like the idea. Imagine someone getting access to the database with 100.000s of fingerprints.
This forum is against KYC, except during April fools day, and this suggestion is even more invasive. 

[RodeoX]

There is a way in Linux anyway. You can select password protected sites and launch a print reader. however I think it lowers your security somewhat. I was able to defeat my fingerprint reader with a pencil, a bit of white paper, and a some clear tape. If you think in terms of theory a fingerprint password means you leave a copy of your private keys on everything you touch.
 

[Lauda]

Biometrics =/= password. Biometrics are more of an username, but the industry developed this backwards standard that will work out just fine one day in the future. I'm certain.

however I think it lowers your security somewhat.

Any proper security expert will tell you that it lowers your security significantly. Use it only on your phone if you really have to as that device gets unlocked the most number of times per day. Do not use it for anything else, never ever.

[RodeoX]

Biometrics =/= password. Biometrics are more of an username, but the industry developed this backwards standard that will work out just fine one day in the future. I'm certain.

however I think it lowers your security somewhat.

Any proper security expert will tell you that it lowers your security significantly. Use it only on your phone if you really have to as that device gets unlocked the most number of times per day. Do not use it for anything else, never ever.

I agree. But I was assuming the password on his shared windows 2000 computer is "god". And that his hotel wifi connection mysteriously requires installing screen share software. In that case it only marginally reduces security.
  

[Lauda]

Biometrics =/= password. Biometrics are more of an username, but the industry developed this backwards standard that will work out just fine one day in the future. I'm certain.

however I think it lowers your security somewhat.

Any proper security expert will tell you that it lowers your security significantly. Use it only on your phone if you really have to as that device gets unlocked the most number of times per day. Do not use it for anything else, never ever.

I agree. But I was assuming the password on his shared windows 2000 computer is "god". And that his hotel wifi connection mysteriously requires installing screen share software. In that case it only marginally reduces security.
  

If your password is "god", then you're a lost cause anyways. You don't need security considerations in your life, you need the Arhitect to build a v2 of you.

[TheGodson]

I wouldn't be opposed to the option (however, I see it as extremely unnecessary), but as a requirement I think it is completely contradictory to what Bitcoin stands for. I enjoy having my anonymity on this forum.

Just make a tough password that no one is going to bruteforce and you should be okay.