See hidden discussions | Win great prizes | Get free support
Is it my imagination, or are organisations not working together to form standards as they did in the past? It seems the world is more divided than ever on some things. Why isn't there a standard for biometric identification via fingerprint, for example? I should be able to log in to any web site with my finger print from different terminals using different hardware... but noooo...
But as millions of Internet users have learned the hard way, no password is safe when RICA can, and do, pilfer them en masse from banks, email services, retailers or social media websites that fail to fully protect their servers.
And with governments wanting to store more and more information so they can spy on and track their citizens it's guaranteed that biometric information will fall into the hands of private sector organised crime.
And use a different one for every site, Using above example "Correct horse battery facebook staple" for facebook
As for biometric attachment on authentication, its all good till its compromised, passwords you can change, what do you do when somone find a way to mimic your fingerprints or such. Words you can change, body parts you can not.
The main thing is to increase the search space. So even if you just add say '....' onto the end or start of your password you increase its effectiveness exponentially.
Dog123 will take around half a second to break while Dog123.... will take around 19 years
Remember, you know that its only 4 periods... but the attacker does not know that. He has to go through the whole search space i.e. try every possible character on those 4 spaces.