[There's a reason that Yoda is the unofficial mascot of SBS. Size indeed matters not.] The Gummi Bear defense - THE OFFICIAL BLOG OF THE SBS DIVA
Fri, Jul 27 2007 12:09 bradley

The Gummi Bear defense

I still remember the stories by Steve Riley about the deployment issues with Biometrics.  Everyone sees stuff like digital personal as the panacea to password issues but they don't think about the deployment issues....if the fingers used to enter in the system have issues being read by the system, it's not an easy redeployment.   

DigitalPersona - Biometric, Fingerprint, Authentication, Sensor, Reader, Security:
http://www.digitalpersona.com/

Traditional two factor with tokins a much easier deployment and management solution. Not too mention there's not the Gummy bear issues.... http://www.theregister.co.uk/2002/05/16/gummi_bears_defeat_fingerprint_sensors/ where you can defeat the biometrics with the equivalent of gelatin to pick up the fingerprint image.

May not be as tasty as Gummi Bears.... but a lot more effective that's for sure... 

Check out Charlie Russel's post on it:  http://msmvps.com/blogs/xperts64/archive/2007/07/27/two-factor-authentication.aspx

Filed under:

# re: The Gummi Bear defense

Monday, July 30, 2007 12:43 AM by Steve Dispensa

Couldn't agree more on the point about biometrics. There's a basic problem with biometrics: you can't change them if they're compromised. You can change passwords, get new tokens, change your phone number, etc., but you can't (easily) change your fingerprint. It only takes one compromise.

We just released a product in this space - PhoneFactor - that uses the phone as the second factor. It's a free service, with enterprise upgrades coming soon. Check out www.phonefactor.net for more.