Score:0

How does biometric authentication add protection to encryption schemes?

us flag

I'm wondering since at least 2 offline password management services,Passkeep and Keepass both use biometric authentication in addition to the master password. You need to possess the physical device to login to those 2 services,but if the attacker already posseses the device how would biometric authentication protect the user from accessing the key and encrypted data or whatever sensitive data they might have?

passkeep.pro

keepass

Score:0
ng flag

Presumably the goal is not to "protect the user from accessing the key".

The intend seems to be protecting the user having stored valuable credentials in a device from impersonation by an attacker having stolen the device.

us flag
so it would make sense to you to have a offline password manager that requires both a master password and biometric authentication to access any personal data?
fgrieu avatar
ng flag
Fir high-security application, that makes some sense. One needs device AND password AND biometric to use the credentials. Also, there might be a lower-security convenience mode where the device unlocks with password OR biometric device. Many mobile phones work that way.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.