always coming home is a user on cybre.space. You can follow them or interact with them if you have an account anywhere in the fediverse.

If every decent software engineer knows that faces and fingerprints cannot be passwords because they're neither secret nor can you change them, then why does Apple, which is supposed to be a top-notch tech company, release features like that

always coming home @nightpool

@gargron mmmmmm I'm actually pretty happy with how TouchID is implemented from a security perspective. Your password is still required after any reboot or significant downtime, or for sensitive operations. It's not being used as a password, more as a proof of continued presence during inactivity.

Security is a usability/threat tradeoff and having TouchID enabled allows me to have a much longer password then would be practical normally. So overall it's a net positive.