How safe is using the fingerprint scanner ? can the file be stolen and used ?

PCVSnotebook

Junior Member
Feb 13, 2013
5
0
0
The Fingerprint scanner that comes with notebooks , how safe are they ? and how do they work ?

Is it safe to use ? or not ? I assume the software will store the fingerprint scan in a file ... lets say some one steals that file , can he use it to access my data on the notebook ?

Furthermore , is there a way to use the fingerprintscanner for internet password , like this forum here for example ? and how safe would that be?
 

watdaflip

Member
Feb 11, 2013
25
0
0
I don't have detailed knowledge of how they work, so this is more speculation, but I would imagine that the computer would store either a hash or encryption code. The signature from the fingerprint scan is the key to successfully recreate the hash or do the necessary decryption. Regardless of the inner working you shouldn't have to worry about the security of using it to authenticate to gain access to the computer (I highly doubt whatever signature it generates isn't just in plain text file somewhere)

The fingerprint scanner is hardware just like anything else on your computer, I'd image there is a way for a program to use it verify your identify for a password management program to store your passwords you use on the internet. But you would need such software to handle that (I'm not sure what program have the functionality to use a fingerprint scanner). The safety of it would depend on the software, but in general it should be just as safe as using it as your login to the computer
 

mechBgon

Super Moderator<br>Elite Member
Oct 31, 1999
30,699
1
0
Some fingerprint scanners have the option to hardware-encrypt the stored passwords with an encryption key that's part of your individual scanner. Others don't, and Upek/Authentec came under fire when it was discovered that the user's Windows password could be readily pulled out of the Registry with just a little work on the ones that have no hardware-encryption option.

Note that it's the Windows password at the center of the gripe there. With it, a local attacker could harvest your password, log on as you, and decrypt files that you encrypted with the Windows Encrypting File System.

As far as using the fingerprint reader for Forum and website log-ins, I'd suggest Authentec Protector Suite, except Apple bought Authentec and promptly closed it forever, so you can no longer buy the software.