Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Sure, you could even reduce phishing attack success rates to nearly 0% by having users authenticate with a sample of their DNA.

Does that mean it's a great idea?

What about losing the yubikey?

In any case it's a different matter when it comes to high stake scenarios, in which case I don't mind something slightly more sophisticated.

But not as the default for everything.



>having users authenticate with a sample of their DNA.

I know it's not your point and I agree with everything you're saying in this thread 100%, but DNA based login would be a username, not a password. Like all biometrics. And it'd have a really bad false positive rate if you're just doing restriction enzyme cut location tests like lots of "police work". A full exome scan ~$300-500/per might do it.


And as you point out, the problem with biometrics is that once they're stolen or copied, there's no changing them. Particularly your DNA.


> What about losing the yubikey?

I have 5 yubikeys on multiple continents. If I lose one I can log in with the others and remove login access with the compromised yubikey.


> I have 5 yubikeys on multiple continents

Are you actually retarded or just disingenuous? This is hardly a workable solution even for security nuts, let alone the average person.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: