On Wed, 2003-12-03 at 15:32, Manoj Srivastava wrote: > An even better security guideline is "something you are" -- so > should we not spring for retinal scanners/fingerprint readers/other > buiometrics? I mean, we _are_ talking about other peoples money. :P
This idea has recently been in the news in Britain, where the Home Secretary wants to introduce ID cards for everyone, complete with biometric data. Someone has been able to produce fake fingerprints (good enough to fool fingerprint readers) within 20 minutes using easily available technology (digital camera, etc). I would place no reliance on such things unless they were administered under strict supervision, so that a human checked that it was a real finger or a real retina that was being examined. That puts the whole idea out of court for authenticating remote access. -- Oliver Elphick [EMAIL PROTECTED] Isle of Wight, UK http://www.lfix.co.uk/oliver GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C ======================================== "What shall we then say to these things? If God be for us, who can be against us?" Romans 8:31
