The biggest problems I see when using biometric identification is the fact that you can't change your identification. If it gets compromised, you can't use it any more...
IMO, biometrics are inherently flawed as an authentication method because you cannot change your biological traits. For instance, if an attacker compromises an account I own and I can somehow recover it, I will not be able to change my face/voice/fingerprint/etc. in order to safeguard it again. But I can change the password. So, by my book, password wins. Later edit: looks like hqsec beat me to it
A fingerprint is a long password as well and actually longer. Any bio-metric data is just a password, because it has to be transformed to a file, which it can be compared to. The only difference is, that you do not have to remember it, but as it was stated, it can not be changed. A changing algorithm at any login might do the trick.
The other thing passwords have that bio-metrics don't is that they can be stored as a secret in your brain. Unfortunately, your brain is not good at storing the random strings of characters required for good security so eventually, passwords will be obsolete. Your face, voice, and even fingerprints are available for hackers to capture in public places. If bio-metrics become main stream, look for hackers to amass databases full of people's pictures, voice recordings, and fingerprints to be used against stolen bio-metric hashes. Let's skip all this intermediate stuff and go straight to 2 factor authentication!
But that system also has a problem, what if you forget your hardware token, or smartphone? You won´t be able to login to your mail or banking-account, at least not on your own PC. EDIT: I meant, you won´t be able to login on PC´s outside of your home where you probably keep the hardware token.
I think people exaggerate when they present passwords as a huge issue. How often are you hacked due to your password? It seems like the Bogeyman this issue, we all hear about it but nobody experience it. Theoretically most security is junk and even with a strong password or with a need for "selfies" to sign in most people can get their accounts hacked by an sophisticated attacker, the question is more like "is this account interesting enough to hack?" and if so "how much time would an attacker be willing to spend to hack it". In sites like this I use a fairly weak password and I'm sure someone could "get in" by starting to brute force it but why bother when all I say is public anyway and they can simply make an own account themselves to say things? What would an attacker gain by having this account? I use 8 char passwords on a lot of sites and those accounts has never ended up posting stuff written by someone else or had the password changed, however on some sites I go with 15+ chars just to harden them from rainbow table attacks and bruteforce attacks, but those are very few and I value those accounts a lot and believe that an attacker might have interest in those. But a weak password will do just fine as long as the stuff its protecting is of very low or no value to an attacker. There are so many sites out there with so many accounts and personally I would not be interested in doing anything with most of these accounts even if I had access (since I'm no spammer). There are sometimes a password might be questioned as only security, such as sites that handle money (banks), site with much private stuff (email, cloud services) and so on. But for most sites a simple password has its use and offers enough security already (according to my experience), and I would probably not sign up if they required me to do extra steps and go through a two way authentication (its too much work to protect from a threat that will never happen, and if it happen then what wastes more time: having to two way authenticate every time for X months or making a new account?).
Seems to me the problem with e.g. biometrics is that they can be traced back to a person's real identity. That is a huge, *huge* legal and ethical problem. e.g. What about whistleblowers? People under witness protection? Journalists working inside war zones or oppressive regimes? Likewise, a physical token can be stolen. Sure, someone can coerce you into giving them your passwords, but if they can do that then you're already in their hands, so it's not like biometrics etc. would be an improvement. And no form of authentication is immune to phishing. Etc. Long story short, there are people whose day-to-day work and physical safety depends on anonymity as well as authentication security, and a lot of those people are really really important to have around. So I tend to view pushes to move away from passwords with a great deal of skepticism. Just because something is a good idea for Joe iPhone User doesn't mean it's a good idea across the board.
@ WeAreAllHacked I agree with you. On important sites I use strong passwords, and on some others, I use easy to crack ones. So far the only site that offered me a hardware token was my bank, and I do feel a bit safer. But I have to say that I never really thought about passwords being stolen by hackers on some companies servers, that is a serious problem of course.
If things like fingerprint readers, eye scanners, etc become mainstream, I'd expect them to end up with much the same problems as credit/debit card readers. We've already got card skimmers that look like the card reader is supposed to. What prevents the same thing from happening with biometric ID devices? Even if the biometrics itself is flawless, what prevents the device it runs on from being compromised, storing or sending the "biological passwords" to whoever has a use for them?
I edited post #8, made a mistake. I think 2FA is cool for important accounts, but I noticed that some banks are already giving options to login with a PIN code, because a lot of people don´t have access to the hardware token for example at work. To be honest I´m too paranoid to login to certain accounts (like mail and bank-accounts) on PC´s that I don´t own.
