Touch ID becoming a super two-step authentication tool?

touchid

Massive new Apple patent filing details multi-user support, trackpad controls with Touch ID
[Via AppleInsider]

A 612-page patent application filed with the World Intellectual Property Organization shows that Apple is considering wide-ranging new uses for fingerprint sensing technology in its mobile devices, from user interface navigation and mobile payment processing to multiuser support.

[More]

What Apple plans for Touch ID is pretty amazing. I’ve written about some of my ideas. To do this well, we need really good security. But this gets really interesting. especially if it can recognize different fingers on a touch pad.

If it maintains a memory for each finger, then you could create a password where each letter of the password uses a different finger. Not only would the order of the letters be needed (something you know) but which finger was used (something you have,

Classic two-step authentication. I would love it.

I would not use Touch ID to unlock my phone as I currently understand it.

See, at the moment, the authorities generally cannot force you to divulge a password because it is something you know. But they can force you to divulge something you have, such as a fingerprint.

Thus, as currently implemented, Touch ID actually makes it easier for people to get into your phone. They simply need you to provide something you have – a finger.

But if you have a complex password (say a 10 letter one using special symbols and such) they cannot force you to give it up. And, because of Apple security, it would take several decades to brute force.

So, even with Touch ID, I would keep my strong password. No one is ever getting in.

Of course, a strong 10 letter password can be a pain to type in every time. But, add in which finger is used means that fewer letters can be used and still get the same level of security.

So maybe instead of 10 letters, I could get by with 6 or 7. I’ll do the math latter.

This also opens up the possibility of doing chording – touching two letters with two different fingers at the same time – for security.

No one is ever getting in.