For fingerprint issue, can we trust Lenovo and MS the way we trust Apple?

I would trust Microsoft, but not sure about Lenovo.

 

No. With that said, I don’t see the value in using a fingerprint to unlock a computer you ont be locking nad unlocking all the time like a phone.

 

No to fingerprint, face recognition or pin. Just use a password and a local account.

I use a pin for iOS. Since that is the only practical password for it. Plus the 10 attempts to a wipe gives enough security. Although I’d rather have it limited to three attempts.

 

Personally I don't see any issue, not that I trust MS & Lenovo any more than Apple. with the former being a good deal more transparent.

Q-6

 

I don't even think about it. Nobody is trying to get your fingerprint. It's a solid security function. Next will be retina scan. No worries there either.

 

Just use it, or don't use it, but stop worrying about it. To be frank your asking the wrong audience, speak with Lenovo and look at the ThinkPad forums. The biometric data is likely secured by TPM (one would hope). If you want absolute security use a smartcard reader where the biometric data and or password is stored on the smartcard not the local machine, or a third party BT solution.

In short the fingerprint login is about as secure as a password IMO, any password or "token" can be broken by a determined individual with the right knowledge. Personally I would use it out of convenience, equally mindful of the data stored. What I wont use is any iris or face recognition to unlock a computer as they are generally inappropriate in a business/professional environment, regardless of the security protocol behind it.

Q-6

 

And the smart card is an option that you could purchase through Lenovo for your X1E, if you do have any serious security concerns.

You could also place a bit-locker key on a thumb drive so that you would need to insert the thumb drive to decrypt the SSD.

 

I use facial recognition on both my iPhone and my Surface Book 2 (FaceID and Windows Hello), so I guess so.

--- Post Merged, Oct 15, 2018 ---

My gun safe at home uses fingerprint ID, though it fails about 50% of the time. Keypad is right there, though, so most of the time I just use the #.

 

That is pretty much true of any company, though it doesn't keep people out of your phones. The biometric info is stored on a chip that processes the security clearance without even passing it to the OS.

iPhones with fingerprint readers have been hacked very easily. FaceID has also been hacked, but not as easy as fingerprint ID. I don't believe Apple is any better or any worse than Lenovo when it comes to this kind of thing. Common sense on the part of the device owner is still required.

That said, the biggest target from where fingerprints might be hacked is probably the government. The FBI, for example, has a database of over 100M fingerprints, that include citizens and non-citizens. The Department of Defense also maintains a database for military personnel. A breach to one of those is probably a far bigger concern than someone trying to get your fingerprint ID from a single laptop.

Here is a little more info on the fingerprint technology Lenovo uses...

 

Weird topic. Used to be if you forgot your TPM lockout on laptop then you'd have to order a replacement component as they can't unlock it. What would they do with your fingerprints?

 

Yes. If i went this route and I have not, I would probably use one of those thumb drives that can be attached to my car keys. Something along the lines of the Samsung BAR Plus, which is aluminum and claims to be water/shock proof, temperature resistant, etc.

There are also the flat business card types that will fit into a wallet, but I don’t trust the reliability/durability of the design.

You could also attach one to the inside of your laptop bag with a lanyard, but it would really just defeat the purpose.

 

It’s a double edge sword, the more layers of security you add the more possible points of failure you add.

 

Unless your going to be specifically targeted I wouldn't worry about it. A strong password, fingerprint or even pin number will be more than adequate, just ensure Bitlocker is enabled.

You can also remotely lock the notebook and reset the password to something impenetrable...

Q-6