The current 2FA methods, something you have and something you know, are better than the proposed methods.
Under the new method, something you have and something you are, hackers/feds only require your device to get into your accounts. Feds especially can extract your biometrics: simply force your hand against the fingerprint reader or take your picture. They have a much greater difficulty extracting your passwords, they must compel you to reveal that information through fines or torture (aka the hammer to the kneecap principle).
They have a much greater difficulty extracting your passwords, they must compel you to reveal that information through fines or torture (aka the hammer to the kneecap principle).
It depends on the state as to whether or not a warrant can compel you to give your password. It kinda hinges on how allowable "I forgot" is. After all, it's really hard to prove you know it.
The feds really want into your accounts.
The current 2FA methods, something you have and something you know, are better than the proposed methods.
Under the new method, something you have and something you are, hackers/feds only require your device to get into your accounts. Feds especially can extract your biometrics: simply force your hand against the fingerprint reader or take your picture. They have a much greater difficulty extracting your passwords, they must compel you to reveal that information through fines or torture (aka the hammer to the kneecap principle).
Well the legal way is a warrant.
It depends on the state as to whether or not a warrant can compel you to give your password. It kinda hinges on how allowable "I forgot" is. After all, it's really hard to prove you know it.
For an online service a warrant to the company will get them your info. Your password is irrelevant to the company hosting the service.
For a file it's just a matter of brute forcing it.
For a device like your phone, I haven't kept up with where that's at, but I'm betting the company has a way to crack it given a warrant.
To quote what I'm reaponding to:
Pretty sure this must be an online service.