One thing Touch ID needs...

Discussion in 'iPhone' started by hello12, Oct 17, 2013.

  1. hello12 macrumors regular

    Joined:
    Sep 25, 2012
    #1
    I just got my iPhone 5S today, and I am surprised by how well touch ID works.

    ONE THING that I think touch ID needs is the ability to require the passcode AND the fingerprint to unlock the phone. Doesn't it kind of ruin the security of touch ID if someone can look over your shoulder, see your pin, and be able to bypass touch ID all together?

    Don't get me wrong, its so convenient and great, but don't you think apple should give us the option to require a passcode PLUS fingerprint when you restart the phone?
     
  2. Matthew Yohe macrumors 68020

    Joined:
    Oct 12, 2006
    #2
    I think the point is you're not supposed to have a simple pin.
     
  3. mcdj macrumors 604

    mcdj

    Joined:
    Jul 10, 2007
    Location:
    NYC
    #3
    Why would you enter a PIN if you're using Touch ID? That's the whole point of Touch ID.

    On the rare occasion when you need to enter it (after a reboot), just cover it with your other hand if you're worried.

    Oh and BTW, no one is watching you enter your PIN.
     
  4. deeddawg macrumors 604

    Joined:
    Jun 14, 2010
    Location:
    US
    #4
    You completely missed the point of TouchID.

    It isn't about increasing the fingerprint increasing the security of the device beyond a passcode.

    It's about making it much more convenient to have a passcode enabled if you never had one before, and making it convenient to switch to a complex passcode if you already used a four-digit code.\

    The "increased security" is across the population of phones as a whole given that so many either don't have a passcode or use a stupidly easy one like 1111, 2222, 1234, etc.
     
  5. mattroman246 macrumors 6502

    mattroman246

    Joined:
    Mar 19, 2009
    Location:
    Upstate NY
    #5
    It's an amazing feature. The only thing I'd like is all ten fingerprints
     
  6. Korican100 macrumors 6502a

    Korican100

    Joined:
    Oct 9, 2012
    #6
    So it's apple's fault because you aren't making sure someone is looking over your shoulder? Wow banks across america have a lot of explaining to do then, since you have to enter your debit pin at the register, or ATM all the time.

    The whole idea of fingerprint is that security access is EASY for you. If you feel ilke you need to turn your phone into fort knox, then do away with Touch id alltogether, and put it a long-character complex passcode instead of a simple 4 digit one.
     
  7. dnayak macrumors newbie

    Joined:
    Jul 30, 2012
    #7
    its not about someone looking over my shoulders. the convenience is to have both but having the flexibility to choose :)
    i also felt if somehow i can hide the keypad - it will be really nice.
     
  8. lulla01 macrumors 68020

    lulla01

    Joined:
    Jul 13, 2007
    Location:
    U.S
    #8
    It would be nice to have two step,

    like a fingerprint then entering a pin.
     
  9. deeddawg macrumors 604

    Joined:
    Jun 14, 2010
    Location:
    US
    #9
    I'm curious - what's your use-case for this? Under what circumstances would it make a difference vs. the current setup if you use a complex passcode instead of a 4-digit PIN?
     
  10. lulla01 macrumors 68020

    lulla01

    Joined:
    Jul 13, 2007
    Location:
    U.S
    #10
    A two step verification sort of deal for people who really want increased security.

    Using the scanner and entering a password or pin.
     
  11. mcdj macrumors 604

    mcdj

    Joined:
    Jul 10, 2007
    Location:
    NYC
    #11
    I don't get it. Or maybe you don't. Scanning your finger IS entering the PIN. Are you saying you want them to be independent? A fingerprint scan separate from the PIN? How about 10 PINS and 5 fingerprints and double retina scanning? Are you CIA? There is security and there is paranoia.
     
  12. deeddawg macrumors 604

    Joined:
    Jun 14, 2010
    Location:
    US
    #12
    You've just restated your prior post, I understood you were looking for two-stage authentication.

    Perhaps my question was unclear, so let me re-ask it in a different way.

    What sort of stuff are you trying to secure? What circumstances are you concerned about where single-factor authentication is insufficient?

    Alternately, what are you concerned might happen with single-factor authentication of a physical device that dual-factor would prevent?
     
  13. MattMJB0188 macrumors 68000

    MattMJB0188

    Joined:
    Dec 28, 2009
    #13
    You act like people's phones are the most secure things on the planet. I THINK NOT!
     
  14. deeddawg macrumors 604

    Joined:
    Jun 14, 2010
    Location:
    US
    #14
    plus nobody's really said what they're worried about someone else getting into?

    Password lockers and banking/financial websites all seem to require another authentication layer already. So great, you got my PIN and grab my phone while I go get a cup of coffee; you're not getting into any of those items.

    I can see where a corporate executive's emails may be a concern, but outside of that what are people concerned with someone else getting into where dual-factor authentication is needed on a device you typically keep close by?
     
  15. pikachu2k7 macrumors regular

    Joined:
    Oct 21, 2012
    Location:
    North Carolina
    #15
    Yeah. Everyone's goal in life is to watch you type in your pin number...
     
  16. chaos86 macrumors 65816

    chaos86

    Joined:
    Sep 11, 2003
    Location:
    127.0.0.1
    #16
    Geez, give the guy a break.

    In the security community, there is a thing called # factor authentication, as in 2 factor or 3 factor authentication. The more factors, the more secure.

    1 factor: Normal user/pass login systems. They require something you KNOW. A bad guy would have to know your password to get in. The username is something else you have to know, but it doesn't count as a factor, because thats your ID in the system, that's what the bad guy is targeting to begin with; it's a given.

    2 factor: Those security key fob things that bank websites (and WoW) have. Something you KNOW and something you HAVE. A bad guy would have to know your password and have the key fob. Those bank website that text you a code to enter are the same; what you have, in that case, is your cellphone.

    3 factor: KNOW + HAVE + something you ARE. The something you ARE refers to biometrics. Your fingerprint, your retinal scan, your hand's bone structure, etc.

    In the case of your iPhone it has been just single factor: something you KNOW, which is your PIN. Now they've added the ability to replace that single something you KNOW factor with a something you ARE factor, which is better, but it's still one factor.

    What the OP wants is to use touch ID to ADD security, not just to replace one factor with another. Why shouldn't apple give him the option? He's saying they made a good product, but missed an opportunity.
     
  17. DefBref macrumors 6502

    Joined:
    Feb 26, 2011
    #17
    Because if the fingerprint scanner fails you can't get into the phone, having the pin code available as an alternative avoids this.
     
  18. hello12 thread starter macrumors regular

    Joined:
    Sep 25, 2012
    #18
    False, I have had friends and brothers and sisters see my PIN before. :p

    ----------

    Makes total sense. It does make having a passcode a lot easier

    ----------

    That is exactly what I am wondering. Why cant we just have an option to require a fingerprint after you type in the pin. It does increase security weather you like it or not because not only is a pin needed but a print too.

    ----------

    No, but I do act like iPhones are the most secure phone in the world....... I THINK SO

    ----------

    Where did you come to that conclusion? Because I didn't say that anywhere...
    Requiring a fingerprint alongside using the pin would increase security weather you like it or not, because people would not be able to simply guess a pin.

    I'm not saying get rid of the fingerprint only access, I am saying that when the pin is typed in correctly, it should ask for the fingerprint after typing in the pin.

    ----------

    Okay now that one really makes sense... It crossed my mind before I posted this thread. Could apple not replace a defective fingerprint scanner in the phone? Or can they not do that
     
  19. dave420 macrumors 65816

    Joined:
    Jun 15, 2010
    #19
    I agree it should be an option to have additional authentication required in addition to a fingerprint. I'll leave it to the developers to work out the exact details. I'm not sure why some people are so against having it as an option.
    Having a second authentication method solves the old problem of people being able to unlock your phone while you are sleeping. (That might not be an issue for 95% of the people, but others may like having added security)
     
  20. Gincoma macrumors 6502

    Joined:
    Sep 10, 2013
    #20
    and what if your fingers are burned or mess up your print permanently? What now?
     
  21. dave420 macrumors 65816

    Joined:
    Jun 15, 2010
    #21
    Then you have bigger problems than your phone? I'm sure Apple can come up with a creative way to do handle two factor authentication that is more secure than the current method.
     
  22. Gincoma macrumors 6502

    Joined:
    Sep 10, 2013
    #22
    Everyone that says Apples method of security or verification is subpar and suggest otherwise, why are you not working for apple to fix this lackluster feature of the iPhone that doesn't please you folks? Fingerprint tech on a "cell phone" is amazing piece of tech/art.
     
  23. Shockwave78 macrumors 65816

    Shockwave78

    Joined:
    Jul 10, 2010
    #23

    Even though fingerprints are the most secure, i think they are also at the same time the least secure. Apple has already said along with the the FBI and other law enforcement agency's cannot crack a pass code for anywhere to 3-6 months before they finally can. IMO passcode is the most secure, if you want really secure then use the higher digit version other than the 4 digit.

    Fingerprint IMO is just for convenience. But if someone ever cracked how to access it then all hands off, it would work for all devices. Not like pass codes since they are all different.
     

Share This Page