Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Don Y <blockedofcourse@foo.invalid>
Newsgroups: sci.electronics.design
Subject: Re: Re:When will they ever learn...
Date: Tue, 26 Nov 2024 13:39:18 -0700
Organization: A noiseless patient Spider
Lines: 15
Message-ID: <vi5blq$3jrh4$1@dont-email.me>
References: <vi0njk$2fvb1$1@dont-email.me> <vi4pou$3glds$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Tue, 26 Nov 2024 21:39:23 +0100 (CET)
Injection-Info: dont-email.me; posting-host="d9eeeac3a4b65de5894181c47d01d21b";
	logging-data="3796516"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX18QGzZquZ37eA0aV4KrW/wO"
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:102.0) Gecko/20100101
 Thunderbird/102.2.2
Cancel-Lock: sha1:kKWQGjxYeUHxcWBv3MAltmddG/4=
Content-Language: en-US
In-Reply-To: <vi4pou$3glds$1@dont-email.me>
Bytes: 1996

On 11/26/2024 8:33 AM, Martin Rid wrote:
> Don Y <blockedofcourse@foo.invalid> Wrote in message:r
>> <https://www.theverge.com/2019/8/14/20805194/suprema-biostar-2-security-system-hack-breach-biometric-info-personal-data>"Dear Mr X.,    Due to a recent cyber incident, here, the login credentials (authentication)on your account need to be updated.  Could you please use a DIFFERENT finger,in the future?  If you have already used all of them, may we suggest TOES?"
> 
> Sorry, you cannot use your last ten fingers.

That;s the problem.  There are infinitely many "passwords" and passphrases
and physical tokens that one can apply as authenticators.  If any ONE is
compromised, you can freely adopt another, BETTER one.  Once you run out
of *supported* biometric features, you are no longer identifiable as YOU!
(unless you can grow a NEW finger, etc.)

> Sounds like a new authentication policy.