this post was submitted on 17 Dec 2024
17 points (94.7% liked)
Technik
352 readers
19 users here now
die Community für alles, was man als Technik beschreiben kann
Beiträge auf Deutsch oder Englisch
founded 5 months ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
So if I refuse to give Microsoft my biometric data they will replace my perfectly secure password with an inferior pin have I got that right?
My understanding as well. Then there is this quote
How does a PIN, which is inferior to a password, provide more security, when passwords alledgedly aren't secure anymore?
This is an obvious grab for biometric data if you ask me. The statements are too contradictory. At some point PINs are gonna get phased out as well. A bit like what they're doing with local accounts on Win11
good thing biometric scanners can also be duped easily, unless it is some advanced stuff you won't find in consumer devices.
You do not use the PIN to log into your account, but to unlock the passkey that is used to log into your account.
A PIN + the need to physically access a device capable of logging into your acount is safer than a password, which is safer than a PIN.
On the other hand, a compulsory 2FA bound to a physical device will create lots of problems when you loose access to your device.
That doesn't sound quite right. The biometric data is on the local device only. It's used to "unlock" a long encryption key which is then used to authenticate with the server. Honestly, still learning about these myself. It looks like a good solution if they are implemented properly. I read this which was useful.