Face ID

 A username and password has been the main way in which people use IT for decades. The username being your identity and the password being a secret that only you know. The username is often public. A typical example being your email address. Your password is private but depends on you choosing something that can't be guessed or is complex. The word "password" is not a good one.

Essentially this means that the security of your personal data comes down to one word. Your account can be accessed by anyone who knows the password or can guess it or has software that can just try combinations of numbers and letters to guess it. 

Its hardly surprising that many additional security methods have been added to the mix over the years. One popular addition is a Personal Identification Number (PIN). This typically has 4 to six digits. Another is a second factor or multi-factor authenticator. This could be a key fob or app on your phone. Another is a one time password (OTP) sent to your registered phone by text. 

A key fob in your USB slot of your PC can also act as a password or authenticator. The FIDO standard now defines a common standard for these kinds of physical security devices.

All of these improve security. However, a lot of people just find them annoying so tech companies have been looking for something better.

The Microsoft solution is Windows Hello. This first appeared in "beta" with the 2015 Lumia 950 Windowsphone. This came with an iris scanner. The lack of success with Windowsphone means that you now see it on PCs.


Windows Hello can either be by a camera or by fingerprint reader. You can buy a usb fingerprint reader for as little as £20. My PC currently has a Windows Hello fingerprint reader. If you buy a Surface device then Windows Hello is standard on the PCs.

Mobile phones now mostly come with a fingerprint reader so typing in passwords has gone from them.

Then there is Apple. If you buy a modern iphone you get Face ID. This replaced Touch ID (a fingerprint reader) on most iphones. 

Face ID works well. As you look at an iphone it simply unlocks. No fuss. No passwords. Many applications now support it. Your ID stays on your device so it's private. 

There are videos about twins fooling Face ID. However, this is a rarity. The main problem in 2021 is a global pandemic. Wearing a face mask has become normal and using a fingerprint is now better than using your face. 

Rumour has it that Touch ID is coming back to the iphone. Whether this is later this year or means it will be in addition to Face ID is unknown. The problem is that for iphones sold in the last couple of years Face ID is now annoying rather than convenient when people wear a mask.

Apple are known for expensive solutions. So the new update to IOS 14.5 is expected to bring a new unlock method for iphone to get around the problem of Face ID not working. Being Apple the solution is using an Apple watch for authentication. 


To do this you need an Apple Watch. We are a long way from simple passwordless solutions promised by bio-metrics. The Covid-19 pandemic is throwing up some strange consequences. Iphone users buying Apple Watches is just one of them.


Comments

Post a Comment

Popular posts from this blog

Powershell Symlink to Onedrive

Image
I have more than one PC. To be precise, and overly pedantic, 3 Windows 10 laptops. All are slightly different and of various ages. One I use with a Windows 10 Insider Build to keep up with the next thing coming down the pipeline. On each, I do a bit of Powershell . Powershell is the latest generation of Windows command line tools. The Linux enthusiast would look down on the Windows command line of whatever generation but Microsoft has always provided command line tools. In the early days MSDOS was a command line OS. It did little but create directories (folders), copy, move or delete files. It ran “command.com” which some said was just a basic file system manager and way of loading programs into memory. It wasn’t difficult to disagree. Developers brought out alternatives to this such as 4DOS , literally “for dos”, by JP Software . They also produced 4NT, which enhance the Windows NT command processor and 4OS2. The latter was for the IBM OS2 Operating System of the late 80s and ea
Read more

Being progressive rather than universal

Image
Microsoft was not short of ambition for its tiled interface and One Windows strategy . Microsoft was doing what no other tech firm had done - uniting mobile to desktop/laptop PCs in one experience. Apple had two OSs available - IOS for phone/tablet and OSX for its desktop/laptop users. They were different and had different interfaces. Google had two OSs - Android for phone/tablet and ChromeOS for its Chromebook devices. Of course, even One Windows doesn't mean exactly the same OS but it does mean components have such similarity that the interface appears the same to users and, with little modification, apps can run on all platforms. Unfortunately, the app platform UWP (Universal Windows Platform) was hobbled from day one. Microsoft had a poor quality application store, ever-changing developer tools and standards and a Store that only worked (on the PC side) for Windows 8 and latterly Windows 10. While people used legacy versions of Windows such as Windows 7 and XP t
Read more

Identity as the new security boundary

 Not so long ago a PC was safe behind a firewall. The idea was that the physical infrastructure of a network would be enough. Anti-virus and anti-malware products sat on PCs to protect users. Then hybrid working came along. Digital nomads who could connect to networks from anywhere. New startups had users connecting to web based applications. People were bringing their own devices, tablets, phones, projectors and so on into the workplace. Security has now started looking at people. Microsoft call this zero-trust. You don’t just trust someone because they can login. You have systems that secure identity itself. There are three steps to identity security.  1.The credentials that give you authorisation. For most people this is an account identity and password. Often the identity is an email address or some public identity. This leaves the account secured by password. The strength and complexity of the password protecting authentication. 2. Authorization is the next step. What you can a
Read more