I have mine permanently disabled. I have a fear it'll malfunction and lock me out one day.
-
-
Well, you can always manually type the password in addition to the fingerprint scan, can't you?
-
I use the fingerprint reader on my t61p. It does fine and as has been suggested there is a alternate way of logging in. I use a standard Microsoft version of widows. The fingerprint reader has always worked fine.
Renee -
definitely have a backup password to login. But where you shouldn't trust the fingerprint reader is for really sensitive information (corporate, government), because professional hackers and spies will make minced meat out of it. Your laptop is covered in fingerprints and it's easy enough to fool the fingerprint readers built in to most laptops (maybe the FIPS readers on some Dells are harder to fool, but most of the time, corporate and government people use Smart cards and passwords, maybe in conjunction with a FIPS reader)
-
The point is, any security can be compromised with time and skill. The only way to 100% secure something is to not need to secure something. If you have your little generic WPA2 password, anyone that's gonna spend the time and energy to break in wont be living next door that's for sure.
As for the OPs question, when you first setup any fingerprint reader it either asks you to create a Windows password or it asks you to type it in as a confirmation that the prints being put in are the owner of the current account. You can't "lock" yourself out of Windows as even with a fingerprint and a forgotten password you can reset the password from DOS/Linux or anything these days.
I specifically choose laptops with Fingerprint readers as a convinience to me, not to block out anyone out there that wants to steal my information. Surely it does keep people off my system and even as a deter would be theives but that's not why I choose to get a system with it at all. -
Heh, yeah I think (no pun intended ) the fingerprint reader is more like a gimmick. I was always able to type my password faster. Plus the fact that so many times it didn't recognize my fingerprint because I swiped "too fast" or something like that.
I heard that even retinal scans are all bunch of baloney. The biology behind it (which I don't know that much about) is that your retina actually changes with time. -
"I specifically choose laptops with Fingerprint readers as a convinience to me, not to block out anyone out there that wants to steal my information. Surely it does keep people off my system and even as a deter would be theives but that's not why I choose to get a system with it at all"
I agree. Since I do not believe in business I have no confidential documents at all.
Renee -
I prefer fingerprint readers because I don't have to ask my coworkers to look away while I am typing the password.
-
I have one on my HP Pavilion laptop, but rarely use it. When I ordered my X201 a few days ago, I opted out of the finger print reader.
-
My point was that fingerprint readers on laptops aren't very good security, except maybe the FIPS readers. I actually use my fingerprint reader too, I don't have anything too "sensitive" on my laptop and I wouldn't care if someone was looking at it. I was just making it known that the usual laptop fingerprint reader isn't good for corporate or other security which is taken very seriously. -
true security has to be combined with encryption and a second, third, or fourth authentication method.
if someone is really concerned about data protection then their thinkpad would need the following:
- complex power-on and supervisor passwords
- complex windows password
- complex hard drive or SSD password
- full-encryption hard drive or SSD
- fingerprint reader
- smart card reader
- lenovo client security solution to integrate FPR, typed password, and smart card authentication
- file-level encryption such as safeguard privatedisk
losing a system set up like the above should protect data with a reasonable amount of confidence.
with that said, i trust the fingerprint reader. but, i also know that it is only one small part of a much larger scheme. it's all in how you use it. -
"Corporate security is taken very seriously, given the incidence of corporate espionage is very high."
I hear that there's an even higher rate of capitalism.
Renee -
Anyone at a corporation with information to steal and let it leave out the door with John Harris and trust he'll keep it safe doesn't value John Harris or whatever data he has access to. If not, he'll just enter his password - "password123" and have access to Social Security database in Maryland while sipping your coffee at Starbucks in DC somewhere.
Nobody (in corporate) thinks of fingerprint readers as a security method especially on a mobile laptop. If it was tied down in a secured room then ok. The first rule of any security is to prevent access, not just to the info but to even attempts at getting the info. Anyone with physical access to the system can get in via tons of different ways providing they have enough time. If they stole the laptop then they have all the time in the world.
Fingerprint readers only stop girlfriends from logging in and checking your email/facebook to see if you are getting naked pics from some skank chick while you are taking a shower. LOL -
'password123' haha what a lousy password... er hm I'll be right back, I need to go.... take care... of something.
-
I never rely on any single security method for authentication. Strong passwords, encryption, and knowing when to leave the laptop at home (this is what a netbook is for). I only rely on a password to keep nosy coworkers from stealing my music and sending prank emails from my account, and the fingerprint scanner would just be a simpler way of logging in.
-
Redundancy is a crucial part of any security measure. As said don't rely on one security method.
-
lineS of flight Notebook Virtuoso
How many of you actually use these various levels of security in your personal computing environment (I am only referring to personal stuff and not work related)?
I only have the standard Windows login. Also, when I do back up (which I have not done for the last 105 days!), there is a password and encryption utility that came with the external drive and I use that. And, I carry my laptop everywhere! I guess I am very careless. -
AES encrypted drive is what I use.
I know, it's hackable with enought effort, but hell - if someone will really enjoy my couple GBs of movies, music, photos and some 'whats up' emails with grandma - go on -
I find the fingerprint reader very convenient as I am prone to typos and forgetting passwords. However, I don't like th easy access to the passwords file that the reader uses ...
A somewhat related question: I have switched to Comodo Internet Security and it does not like the fingerprint reader and gives me a hard time login in - is there a specific file that the fingerprint reader uses during the boot process which I would need to add to the list of Comodo trusted applications? -
As a counterpoint to the above, I have basically that exact setup, minus the smart card and fingerprint reader. My root partition's LUKS password is stored on my YubiKey which literally never leaves my side.
In addition to the fact that I'm a little concerned about the false positive rate of consumer-level readers, I'm quite concerned about the prospect of my machine getting bricked. Right now if that happens, I can simply remove the drive, plug it into pretty much any other ThinkPad, and be up and running as though nothing happened. If I lock down my OS and/or boot image so as to require a fingerprint, I lose that freedom. Of course, I set up my ThinkPad to require it on boot -- but that doesn't really provide much in the way of security.
As far as my encryption passphrases: my root partition's is a long pseudo-random string. My home partition's passphrase is a 50+ character sentence which includes mixed cases, special characters, and numbers. The same goes for my root password and my GPG keys.
And you know what it's protecting? Not much of anything. A couple source trees, some personal e-mail, and a few saved passwords. So given that I'm a difficult, low-reward target, I'm not too worried. I'm far more worried about someone stealing the ThinkPad, wiping the drive, and pawning it than I am someone gaining access to my data. -
I don't use ALL the listed recommended measures. But I do use a complex supervisor/hdd/power on password, as well as a strong windows password, and I use TrueCrypt to encrypt my system drive. Like someone else mentioned, I'm a low reward target so I don't think anyone would dedicate enough time to breaking in to my HDD - just not worth it. The power on passwords and supervisor passwords protect the machine itself if stolen. I think for an avg. user that's more than secure.
-
I trust the reader. The best is that it is a huge time saver. When you have set power on PWD, HDD PWD, win PWD, all different and difficult, this thing can fill these in a second.
When the reader is broken, you can attach your reader via USB (i have it because the notebook is docked and closed).
But I would like to know, what technology is lenovo used for his readers, because some of them can be very easy to hack with tools you can buy in a drug-store. It is possible to obtain some fingerprints from the notebook itself like the lid, palmrest, touchpad whatever, and reproduce the fingerprint. That could be a problem. -
both companies merged back in september and are now the single largest supplier of fingerprint biometric scanners. -
Don't be too paranoic. -
'' potential thief would just cut your finger "
Right on both counts. The fingerprint reader is good for what it is...but it does have significant security limitations.
Renee -
I just use my fingerprint reader to log onto Windows. Sometimes it works, most of the times I have to swipe my finger multiple times for it to work, and sometimes it just never enters correctly.
That's why now, I just type a password in, to me it's faster then swiping my finger wondering if it will work on the first try or not lol -
I trust the fingerprint reader. It's fast and convenient to just swipe my finger and go. No password required even if I do have one as a backup. I'm not a high value target so I'm not going to go through multiple security steps just to get to my desktop
-
I dont use fingerprint reader, if anything, they only provide false sense of security.
In fact, using fingerprint reader equates to leaving your passwords on anything you touch (and yes, its pretty easy to fool the "consumer-grade" readers with "artificial fingerprints", plenty of info available on the internet). -
Ahbeyvuhgehduh Lost in contemplation....
For me it is not that I don't trust it, but rather that I prefer the log on method.
-
Don't Trust but It help to login quickly and easier
we are always lazy to type password for anything so fingerprint can keep security for us. I feel good to have one :0 -
I dont trust fingerprint readers as they are the easiest biometric to bypass.
Do you trust the fingerprint reader?
Discussion in 'Lenovo' started by blackthinkpad, Jan 28, 2011.