
Something I feel is always missed in these discussions is context: Who is the adversary you're attempting to protect against?

Your kids screwing around with your phone? TouchID does the job.

Random people screwing around with your phone if they find it? Same thing.

Government gets ahold of it? Yeah... not so much.

Considering that the primary adversaries of an average smartphone user are other mere mortals, not dedicated spy agencies, a fingerprint login strikes a very good balance between usability and security.

Consider the alternatives - either requiring a standard alphanumeric password on unlock (just about zero usability), a 4-digit PIN code (less usable than the fingerprint while providing identical, maybe slightly less, security), or, more likely than not, no password of any kind. Against that, the whole Touch ID thing is a massive jump forward in the security posture of the average iOS user.

Most iOS users I know have it enabled simply because it means they don't have to keep re-keying their app store password.



In the biometrics field we use the threshold that separates an authentic and impostor match score to adjust our system sensitivity - for TouchID it's set such that the false acceptance rate (FAR) is high, while the government may set it very low (usually the standard for papers is looking at the false reject rate at 0.1% FAR).

The alternative you suggest is related to biometric key binding (http://www.cs.cmu.edu/~vboddeti/key-binding.html).

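An added example illustrating the threshold trade-off described in the comment above; it is not code from the original thread. It assumes a score convention (a probe is accepted only when its match score is strictly greater than the threshold), builds a constructed set of genuine and impostor scores from arbitrary Gaussian parameters, and then picks the loosest threshold that meets a target FAR and reads off the FRR that choice costs, including the 0.1% FAR operating point the comment cites for papers.

```python
"""
Added example (not from the original thread): choosing a biometric match threshold
for a target false accept rate (FAR) and reading off the false reject rate (FRR)
that the choice costs.

Convention (an assumption of this example): a probe is ACCEPTED when its match
score is strictly greater than the threshold. FAR = fraction of impostor
comparisons accepted, FRR = fraction of genuine comparisons rejected.
A stricter threshold lowers FAR and raises FRR.
"""
import random
from typing import Sequence, Tuple, List


def far(impostor_scores: Sequence[float], threshold: float) -> float:
    """False accept rate: share of impostor scores that clear the threshold."""
    return sum(1 for s in impostor_scores if s > threshold) / len(impostor_scores)


def frr(genuine_scores: Sequence[float], threshold: float) -> float:
    """False reject rate: share of genuine scores that fail to clear the threshold."""
    return sum(1 for s in genuine_scores if s <= threshold) / len(genuine_scores)


def threshold_for_far(impostor_scores: Sequence[float], target_far: float) -> float:
    """Loosest threshold whose FAR is at or below target_far.

    Candidate thresholds are the impostor scores themselves. FAR is
    non-increasing in the threshold, so the first candidate (scanning upward)
    that meets the target is the loosest one. At the maximum impostor score no
    impostor is accepted (FAR = 0), so a candidate always exists.
    """
    for t in sorted(set(impostor_scores)):
        if far(impostor_scores, t) <= target_far:
            return t
    raise AssertionError("unreachable: FAR at the max impostor score is 0")


def frr_at_far(genuine_scores: Sequence[float], impostor_scores: Sequence[float],
               target_far: float) -> Tuple[float, float]:
    """(threshold, FRR) when the system is tuned to a given FAR target."""
    t = threshold_for_far(impostor_scores, target_far)
    return t, frr(genuine_scores, t)


def synthetic_scores(seed: int = 1234, n_genuine: int = 2000,
                     n_impostor: int = 20000) -> Tuple[List[float], List[float]]:
    """Constructed sample data: genuine and impostor match scores clipped to [0, 1].

    The Gaussian parameters are arbitrary (an assumption of this example), chosen
    so the two populations overlap and the trade-off is visible.
    """
    rng = random.Random(seed)
    genuine = [min(1.0, max(0.0, rng.gauss(0.78, 0.08))) for _ in range(n_genuine)]
    impostor = [min(1.0, max(0.0, rng.gauss(0.40, 0.10))) for _ in range(n_impostor)]
    return genuine, impostor


def tradeoff_table(genuine: Sequence[float], impostor: Sequence[float],
                   targets: Sequence[float] = (0.05, 0.01, 0.001)
                   ) -> List[Tuple[float, float, float]]:
    """Rows of (target FAR, threshold, FRR), from a loose consumer-style setting
    down to the 0.1% FAR operating point cited for research papers."""
    return [(tf,) + frr_at_far(genuine, impostor, tf) for tf in targets]


if __name__ == "__main__":
    g, i = synthetic_scores()
    for target, t, rate in tradeoff_table(g, i):
        print(f"FAR <= {target:.3%}: threshold = {t:.3f}  FRR = {rate:.2%}")
```

The point to take from the table is that FRR is monotone in the FAR target: every step toward the strict, government-style operating point is paid for in genuine users being rejected, which is exactly why a consumer device tolerates a higher FAR.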

So this article is a year old, I don't know if Apple has managed to improve things since then.

But if it were as easy to get access as the article suggests...

I agree you take the right approach by identifying adversaries. And I agree that it's relatively reliable against kids or random people randomly screwing around. And not against governments.

But there's a whole bunch in between that. Business competitors? Ex-partners or personal enemies, motivated enough to hire a private detective or similar that can easily do this?

I think the line of "reasonable defense against" for this technology is actually probably _just barely_ above random people screwing around with your phone because it was just lying there. And there's a whole lot above that but below national intelligence agency.


I remember reading the original article on cracking Apple's fingerprint ID and the crackers mentioned that, while definitely crackable, it requires a certain level of sophistication and thus they considered the addition very worthwhile as a way to protect against robbing, etc.


This a thousand times!

When you think about security, you should have in mind who you are protecting against, and the same applies to passwords.

Security purists love to advocate that password reuse is evil, but who in the first place is going to be your attacker and for which purpose?

For example, in the context of money (online banking, paypal, ebay, etc.) I completely agree that password reuse is evil.

But when it comes to random websites, or simply to access my devices, does it really matter? The first time I saw the Chromebook my first impression was "do I really have to write my entire Gmail password EVERY TIME I want to access this thing???" With my Galaxy S5 I was like "Don't tell me how I should create a password to unlock you!!! If I want to use 0000 it's my problem!!!"

I personally like the approach of FastMail: different login methods (like using Google Authenticator to generate random one-time-use passwords, or the ability to create different plaintext passwords). You decide which login methods allow you to access your account, and which ones allow you to manage it.


> Security purists love to advocate that password reuse is evil, but who in the first place is going to be your attacker and for which purpose?

You don't know, that's why password reuse is evil.

Years ago when I made my Facebook account it used the same password as all my other accounts. Now that I use Facebook as an OpenID provider for pretty much any news site, I would be exposing myself and my friends to all sorts of attacks if someone hacked a phpBB forum that I frequented years ago. You could make the argument that only important sites should have unique passwords, but you, your grandmother, and I all have a different definition of important sites.


OpenID does not provide your password to each site that you use it on... It uses a token that only that site can use, for the permissions that were shown when you created the token. If someone did acquire that token, you could just change your Facebook password and the token would expire.


If my Facebook password and some old website's password are the same my Facebook can be compromised. Then the attacker can run around on the net pretending to be me at any OpenID accepting website.

OpenID isn't being attacked or at fault, it's non-unique passwords.


And you don't think your children will try to hack your fingerprint with a gummy bear? A fingerprint makes a poor password and an even worse username. So much for asking your spouse to log in and check something for you.


Won't work with TouchID - reads the blood vessels in addition to the prints.


Still, I'd rather not give hardened criminals a reason to cut off my fingers.


I think that goes back to identifying adversaries. It's unlikely a criminal would attempt to cut off fingers for access to a random smartphone.

If you have secrets that are very valuable, you are outside the standard use case, and should probably use more advanced authentication.


I figure a criminal would just rather have you change and disable your password altogether; it takes much less time that way, and it's easier than dealing with carrying around a bloody finger.


I'd probably just unlock it for them if they had my phone and my person in their possession.


If you're keeping information on your phone that may tempt adversaries to cut your fingers off, you may want to rethink some things.


Have there been any reports of this actually happening in the past year?


Touch ID reads the blood vessels, not the fingerprint, meaning it only works for a minute or two after the finger is cut off.


I'm not really interested in being the one on whom someone learns that, though.


Very few thieves would go that far, and they would almost certainly give you an opportunity to unlock the phone for them instead. Most people would take that opportunity.


Exactly. It doesn't matter how strong your password is when there is a gun in your face.


Ideally, you will have one that is easy to remember.


Er, that's just not true, as proven over and over by people fooling Touch ID with images of a fingerprint.

