Will biometric logins keep me safer?
The short answer is no, not necessarily.
The idea of using your fingerprint to operate your devices or your voice to unlock an account is just so easy—exciting even—and the technology is advancing all the time.
It has the potential to do away with passwords that can be hacked or stolen, to instead use a fingerprint, retina scan or facial recognition. To the password weary—this sounds blissful!
However, it is not without risks. There have been reports of hackers and scientists being able to fool the biometric readers (with photographs or complex algorithms) and steal biometric data. This means the evidence of who you are can be stolen by malicious cyber actors. And a fingerprint is much harder to ‘reset’—ouch!
Currently, it is more difficult to steal biometric details than to hack a password, however having your fingerprint or other biometric data compromised has much greater consequences.
So what do you do?
Use two-factor authentication.
Two-factor authentication involves using different criteria to authorise access to a website - with something only you know (like a password), something only you have access to (like a phone with SMS capability) or something you are (biometrics).
A range of websites including Twitter, Paypal and WordPress, have an optional second factor to their log-on process.
Whether you use passwords or biometrics, single factor authentication leaves you exposed. You need more than just one level of authentication. For example, use a fingerprint and strong password. Or use a strong password and have a one-time use pin number sent to your phone. You could even consider your fingerprint as a login—you still need a strong password.
If you use any service that offers additional factors for authentication, we recommend you enable and use these.
Remember to keep all authentication details safe and secure. Use strong passwords/passphrases, use different authenticators for different websites and be very careful which websites you give your biometric data to.