Why do gadgets (laptops / smartphones) require typing in the password after a restart although I have my fingerprint configured?


Although I have my fingerprint configured on my smartphone and laptop, every time I restart them I get asked to enter my password. They won’t let me in with the fingerprint. It feels like they’re aiming for another security layer, but how is a password more secure than a fingerprint? What are they thinking? Someone stole my fingertip?

In: 6

Someone can unlock it while you asleep with finger, better when u have friends over, restart phone before sleeping

A password *is* more secure. A finger print [can be “stolen”](https://www.pcmag.com/news/hacking-fingerprints-is-actually-pretty-easy-and-cheap), or your finger can simply be forcibly placed on the scanner.

A compromised password can simply be changed.

Passwords are also protected by the 5th amendment in the US. Law enforcement can’t force you to tell them the password, but they can force you to place a finger on the scanner.

A decent password is far more secure than your fingertip.

The police, for example, can just press your finger on your phone to make you unlock it. They can’t make you tell them your password.

Now apply that logic to other “bad guys”.

I am a bit more cynical in my theroy on this. I agree that the password is more secure, but I don’t think that cell companies require it with the users interest at heart. If they cared about the user, you’d have the option of turning it off if you wanted to.

I mean, it your phone and data, right? (/s)

I think it’s about tracking you, and being able to know it’s you, being able to prove who the user is legally. Phones and meta data are used for id and financial purposes more and more. I think it removes the potential legal argument that you might make that someone else was using your phone if you get in legal or financial trouble. It makes your meta data more valuable to their real customers, the corporations and governments who buy your data.

When you set a password you enter a series of characters that is unique. The password system uses a special algorithm to process that password and it stores the result in the secure storage. You cannot access the secure storage, and even if you could you cannot reverse the answer to get the password. The more characters you use from different character sets the more unique passwords exist, billions or trillions of options.

When you’re asked for the password, the secure system uses the same algorithm to process the characters you enter, and it then compares this answer with the stored answer, and if the two match, congratulations, you’ve entered the right password.

The fingerprint and facial recognition systems are more “fuzzy”. The fingerprint stores some key points of your fingerprint, but unlike a string of characters it’s far from unique, it’s just sufficiently complex that it’s unlikely a false entry can be used. Hence when certain operations are undertaken like a restart it’s more secure to require the password instead of the fingerprint or face. Fingerprint and facial recognition on gadgets are a balance between convenience and security. They could be more strict at the risk of increased rejection. Passwords are either correct or incorrect.

Here’s how you steal a finger print:
* Get a bottle, a cup or anything with a fingerprint on it (for example from the trash).
* put a little bit of superglue in a bottle cap and tape the cap with the glue inside it onto the fingerprint, so the fumes come in contact with the skin-fat of the finger print
* The fingerprint should become white
* make a photo and photoshop it into a monochrome (black/white) picture
* print on foil
* spread wood glue on on the print, peel it of
* done

At least that’s how you could fool finger print readers from a few years ago. If it’s not 3D enough, then you could put more effort in it (printing and then etching).