Two finger unlock?

asked 2019-10-20 23:38:40 +0300

vattuvarg gravatar image

Would it be possible to use two-stage fingerprint authentication to unlock the phone - one finger to wake the device and then another to unlock?

edit retag flag offensive close delete

Comments

already implemented
Furthermore for the wake up a discussion is started about on which part of the gui should be displayed by wake up. As described in this thread, the current displayed part is the numlock to unlock the device
The wish for some people is to have the lockscreen (with clock and weather info etc..).

cemoi71 ( 2019-10-21 01:11:37 +0300 )edit
1

What I ask for is the need to use two different fingers to authenticate.

vattuvarg ( 2019-10-21 06:48:40 +0300 )edit

Currently you can do it with the process with 2 different finger. What you mean that the system should strictly ask for an other finger... I don't see the benefit for the user. it is more complex, and it could really confuse him and spare the device. my point of view.
Otherwise you've already see an application which work fine and then i would bow myself....

cemoi71 ( 2019-10-21 09:18:45 +0300 )edit

I think what @vattuvarg is asking for is two individual fingers to unlock the phone. Essentially MFA. It would make the unlock process significantly more secure, with very little impact to convenience to the user compared to one fingerprint.

Why would it be so much more secure?

  • Finger print sensors have a certain false positive rate. The chances of getting two false positives in a row is extremely low. Especially when you use different fingers.
  • One of the easiest attacks to take advantage of is any residual oil left behind from the previous authentication. Each finger would wipe out the previous attempt.
  • For other techniques, the attacker simply has twice as many things to get right.

On the user side: tap, tap, done.

ksandom ( 2019-10-21 11:21:36 +0300 )edit
1

Fingerprints are inherently insecure (you leave them everywhere) and quite easily duplicated, so if you are worried about security, you shouldn't use them in the first place.

Also MFA does not make sense if you don't use a different factor. It wouldn't make sense to enter 2 passwords either, when both are static (which is basically the same thing you are suggesting).

It would make more sense to force usage of pin & fingerprint and only unlock if both are verified.

lethe ( 2019-10-21 13:09:59 +0300 )edit