Q: Is the finger print sensor secure? The phone ask for my PIN constantly. I know on Windows computers with finger print scanne ... Is the finger print sensor secure? The phone ask for my PIN constantly. I know on Windows computers with finger print scanners I am not asked for my password. more
-
All replies
-
Helpful answers
-
Oct 31, 2015 11:10 AM in response to Game Dudeby Briansyddall,Hi
Iphone / ipad finger print sener works very well if you have a problem
Just delete and add prints back again .
Passcode always needed when you first turn on each day .
Cheers
Brian ( UK )
-
Oct 31, 2015 11:23 AM in response to Game Dudeby Meg St._Clair,With TouchID enabled, you'll still be asked for your passcode when you restart the device or when you haven't accessed it in 24 hours. Are you seeing something different?
-
Nov 1, 2015 8:46 AM in response to Meg St._Clairby Game Dude,I Am but my question is why do I need to enter a less secure pin or password? Or is the finger print not secure. If it is not secure should I disable it? Also why don't I see this on other systems using biometric security?
-
Nov 1, 2015 8:53 AM in response to Briansyddallby Game Dude,Thanks for your reply. I want to know if Apple implemented a less secure finger print scan? And will there be a fix, so I don't have to enter what should be a less secure password? I have an RSAID token for my company network. I also use a finger print scanner to log onto my PC. I never have to enter my password unless I need to change it.
-
Nov 1, 2015 9:34 AM in response to Game Dudeby Meg St._Clair,Game Dude wrote:
I Am but my question is why do I need to enter a less secure pin or password? Or is the finger print not secure. If it is not secure should I disable it? Also why don't I see this on other systems using biometric security?
The reason you have to do this is because it is secure. The iPhone stores your fingerprint in a way that's not readable by anything else. But that means that the phone has to be completely booted for it to work. I can't comment on how other biometric security systems work.
Perhaps reading this article will help:
-
Nov 1, 2015 9:42 AM in response to Game Dudeby Philly_Phan,Think of it this way. Regardless of whether or not your passcode is REQUIRED, it will ALWAYS unlock the phone. It's not a matter of the fingerprint ever being required. The fingerprint is a convenience. IF the passcode is not a secure mechanism (and I don't accept that it is) then you will never have true security.
If security is a major concern for you, use a longer passcode - mine is eight digits.
-
Nov 1, 2015 1:13 PM in response to Game Dudeby Game Dude,Thanks for your reply. I do have a longer passcode. Pass codes are less secure but the virtual keyboard makes it not practical to use a strong password. That said I will put a support ticket in to make sure.
It may be secure as you say but my gut question how secure when Apple does not show the trust in the technolog. Usually strong security is preferred over passwords and especially numeric PINs
-
Nov 1, 2015 1:27 PM in response to Game Dudeby Michael Black,You may be getting asked for the passcode often because your fingerprint sensor is dirty or smudged with skin oils. Some people report it being more problematic than others as everyone's skin chemistry is different. Try just wiping the home button when it prompts you and try again.
I usa a 13 alphanumeric character complex pass phrase with my iPhone and iPad which works fine since I rarely have to actually enter it. I clean my screens and home button with a microfiber cloth.
Neither a strong pass phrase or a fingerprint is inherently "more" secure than the other. Both can be very good security if the pass phrase is well thought out when created (and is never shared nor written down anywhere other than in an encrypted pass word database or app), and on an iPhone both are stored in a strong encryption hash key.
-
Nov 1, 2015 1:33 PM in response to Michael Blackby Philly_Phan,Michael Black wrote:
You may be getting asked for the passcode often because your fingerprint sensor is dirty or smudged with skin oils. Some people report it being more problematic than others as everyone's skin chemistry is different. Try just wiping the home button when it prompts you and try again.
I usa a 13 alphanumeric character complex pass phrase with my iPhone and iPad which works fine since I rarely have to actually enter it. I clean my screens and home button with a microfiber cloth.
Neither a strong pass phrase or a fingerprint is inherently "more" secure than the other. Both can be very good security if the pass phrase is well thought out when created (and is never shared nor written down anywhere other than in an encrypted pass word database or app), and on an iPhone both are stored in a strong encryption hash key.
You misunderstood his point. He maintains that a passcode is inherently insecure (I disagree with his position).
Also, being asked for the passcode is not really part of the equation because, even if a fingerprint will be accepted, a passcode can ALWAYS be used. There is no condition that requires ONLY a fingerprint.
-
Nov 7, 2015 2:55 PM in response to Philly_Phanby Game Dude,I agree you can use the pin anyway but that does not explain why the finger print can't stand alone. It is more secure than a pin. I don't know how a 4 digit PIN is as secure as a finger print. I use a 6 digit PIN but even that leaves 999,999 possible choices. A strong password is going to be at least 8 characters with special characters and numbers Which gives trillions of combinations. A finger print is even more complex and thus more secure.
-
Nov 7, 2015 2:59 PM in response to Michael Blackby Game Dude,There is plenty of info about how secure a password is vs finger print. Also a password usually conforms to what the users percieve as memotable. This makes passwords less secure. They are not random.
-
Nov 7, 2015 3:04 PM in response to Game Dudeby Phil0124,Yes, but what happens if for whatever reason your print cannot be read? The sensor is compromised? Your registered finger was cut or injured, and your pattern is no longer the same? etc...
The Passcode is there for redundancy. In case you ever need to access the phone without using your finger print for whatever reason.
All bio-metric access systems have a secondary access method. It would be a very bad idea to trust a single method of entry.
a 4 digit pin would is still very secure in terms of a cell phone, since even if you could have a computer go through all possible combinations you still need to manually type it in. And manually typing in 9999 possible numbers is going to take a bit of time.
Not to mention that after several wrong attempts the iPhone will lock itslef, and will not accept any more pin numbers for a period of time. This period time gets longer the more incorrect pin numbers you try.
At the end of the day it is quite secure, and offers a redundant access option when your print is not available for any reason.
-
Nov 7, 2015 3:49 PM in response to Game Dudeby Michael Black,Game Dude wrote:
There is plenty of info about how secure a password is vs finger print. Also a password usually conforms to what the users percieve as memotable. This makes passwords less secure. They are not random.
A 8-12 character alphanumeric passcode made based on a phrase or rhyme or other combination of letters and numbers can be both easy to remember and also very difficult to crack. Admittedly a simple 4-digit numeric code is not nearly as good, and that is why I do not use them, as I said.
But any fingerprint scanner, or face recognition camera, or voice recognition via a microphone are all subject to simple hardware failures. There has to be a backup to allow people to get into their devices in the event of such a hardware failure of that one critical piece of hardware necessary for the biometric security system.
iOS includes the ability to make that backup password very secure as well, but people have to be willing to make use of those features. Reality, according to police theft reports and FBI stats are that most owners of smart phones have no security block on their devices at all - they'll claim it is too inconvenient to use.
-
Nov 7, 2015 8:08 PM in response to Game Dudeby Meg St._Clair,TThe fingerprint can't Stan alone because, fo security reasons, as I understand it, the phone has to be booted to decrypt the stored data and match it to your finger. It can't do that if you've just restarted the phone.