Don Burleson over at Burleson Consulting has written an interesting survey of Oracle biometrics applications.
With the inherent problems associated with passwords, Oracle security administrators are finding that Oracle biometrics is a more secure and cost-effective solution. Oracle biometrics systems offer more secure environments and also remove the need to dedicate a help-desk person to manage changing passwords for hundreds of end-users.
It’s interesting to see what’s out there, but as Zach will always remind us, biometrics will not hold up in the long run. As biometrics become commonplace, they will be hacked. What will you do when someone steals your fingerprints (or the digital representation of them)? You can’t change them. Hell, you can’t even keep from leaving them behind just about everywhere you go.
If a lock can be opened, it can be picked; and if your password can be used, it can be forged. The more common biometrics become (Don mentions in his article that fingerprint readers are now less than $31), the more folks will set their sights on hacking them. These devices work on common interfaces and pass their information over networks, potentially exposing your personal password to unknown parties.
If biometrics catch on, you could be required to provide fingerprint identification to use your credit card at your local convenience store. Do you really trust them, or worse yet, the government (who can’t even keep your SSN secure), with your password to your bank account, business account, desktop computer and medical history?
So if biometrics isn’t the holy grail of electronic security, what is?
I don’t know what the future of password management is. The most holistic solution I’ve seen yet is the one that Zach and I proposed last year, where users are provided with a “password change authorization code”, which they are encouraged to keep with their birth certificate (or in another safe place), and which allows them to change their password through a self-service page in the case of password loss.
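A minimal sketch of how such a “password change authorization code” could be handled on the server side. It is an added example, not the implementation Zach and I proposed. The class name `RecoveryStore`, the in-memory dictionaries, the code format and the scrypt parameters are all assumptions. The server keeps only a salted hash of the code, and a code is replaced as soon as it has been used.

```python
import hashlib
import hmac
import secrets

# Assumed scrypt cost parameters for this sketch; tune for your hardware.
SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)
ALPHABET = "ABCDEFGHJKMNPQRSTUVWXYZ23456789"  # no look-alike characters


def _digest(code: str, salt: bytes) -> bytes:
    # Normalise so a code copied from paper survives case and dash changes.
    canonical = code.replace("-", "").replace(" ", "").upper().encode()
    return hashlib.scrypt(canonical, salt=salt, **SCRYPT)


class RecoveryStore:
    """Hypothetical in-memory store; a real one would be a database table."""

    def __init__(self):
        self._codes = {}      # user -> (salt, digest) of the current code
        self._passwords = {}  # user -> (salt, digest) of the password

    def issue_code(self, user: str) -> str:
        """Create a new code, keep only its hash, return it once for printing."""
        raw = "".join(secrets.choice(ALPHABET) for _ in range(20))
        salt = secrets.token_bytes(16)
        self._codes[user] = (salt, _digest(raw, salt))
        return "-".join(raw[i:i + 5] for i in range(0, 20, 5))

    def change_password(self, user: str, code: str, new_password: str):
        """Return a replacement code on success, None on any failure."""
        salt, stored = self._codes.get(user, (b"\0" * 16, b"\0" * 32))
        # Hash even for unknown users so timing does not reveal who exists.
        ok = hmac.compare_digest(_digest(code, salt), stored)
        if not ok or user not in self._codes:
            return None
        pw_salt = secrets.token_bytes(16)
        self._passwords[user] = (pw_salt, hashlib.scrypt(
            new_password.encode(), salt=pw_salt, **SCRYPT))
        # The used code is overwritten, so each code works exactly once.
        return self.issue_code(user)
```

Unlike a fingerprint, a code handled this way can be reissued whenever it is used or suspected lost, and a leak of the server's table exposes only salted hashes.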