I have my reservations about fingerprint readers. This article about how the UPEK software stores a users passwords in a very insecure way, serves to make me more wary about anything that stores passwords.
http://blog.crackpassword.com/2012/08/upek-fingerprint-readers-a-huge-security-hole/
Fortunately, the silver lining I'm pulling out of this story rests with the great advantage of using disk encryption such as BitLocker. If the disk is encrypted, then the not so securely stored password for the fingerprint reader turns out the encrypted just by virtue of being stored on the same disk. If you've got multiple drives or volumes, then make sure that the separate drives are encrypted too.
Lesson learned before I get into any trouble.
No comments:
Post a Comment