As painful as passwords are, I don't see good things coming from replacing them with a physical object (device) or anatomy (biometrics).

Having to rely on physical devices is a pain. What happens when you misplace or lose your physical security 'key'? Right, you'll tell me that the security will be in everyone's phone so there's no need to keep track of a separate device - and that will work great because everyone in the world always has a smartphone with them 24/7, and no one ever misplaces or breaks their phone, and phone batteries last forever, and knowing that people have a 'master' password in their phones wouldn't provide any additional incentive to steal cellphones. Sounds great.

Biometrics, on the other hand, don't have the downside of having to keep track of a device or object because they're linked specifically and only to some unique aspect of a person's physical identity (fingerprint/retina/whatever), so at a quick glance they would appear to be both more convenient AND more secure, but stop to think about what that means. Every time you access any device or web page or app or service that requires biometric authentication, you are transmitting your unique, unchangeable biometric data. That data has to be encrypted and then is sent somewhere to be authenticated (just like when you type a password in today). So, I guess if you believe that security standards will prevent anyone from being able to intercept or decrypt and re-use your biometric data, then you don't worry about this. In reality, if you think this you are hopelessly naive, because you SHOULD worry about it, but you won't because ignorance is bliss. Today keylogger viruses/apps record what keys you press; tomorrow the apps will record your biometric data before it is encrypted and sent to whoever is authenticating your identity. Today identity thieves use credit/bank card skimmers to record the data on your bank/credit card; tomorrow it will be biometric skimmers that record your biometric data.

Today, if your password gets stolen you can contact the company the password is associated with and reset it. What happens when your 'password' is biometric data that can't be changed? Once your biometric data has been stolen, how do you 'reset' your biometric data (password)? How is an authentication service going to be able to tell the difference between you sending your fingerprint and a hacker sending your fingerprint?

Passwords for normal use are very secure when used correctly, and simply making ALL password authentication require 2- or 3-factor authentication would make them as safe as anyone needs them to be for normal use. For data centers and IT organizations who have access to servers and databases, I can see why they might want to rely on physical keys as part of a 2- or 3-factor authentication system, but for normal people doing banking, paying bills, and purchasing, physical devices that replace passwords provide a false sense of security, little more.

All the examples I've heard of where a 2-factor authentication system has been compromised were not because of the 2-factor authentication, but because someone figured out a way to exploit a company's loose 'password reset' functions. Can anyone point out an example of where a 2-factor authentication system with proper complex passwords and a secure password-reset function was compromised?