This Week's Sponsor:

Kolide

Ensure that if a device isn’t secure it can’t access your apps.  It’s Device Trust for Okta.


Rich Mogull’s Fingerprint Scanning Q&A

Rich Mogull has a solid Q&A over at TidBITS about today’s iPhone 5s and Touch ID announcements. Rich does a good job at explaining what fingerprint scanning is, its limitations, and why it won’t be available in third-party apps right away.

But the real reason is that using fingerprints creates better security through improved usability. Most people, if they use a passcode at all, stick with a simple four-digit passcode, which is easy for an attacker to circumvent with physical possession of your iPhone. Longer passphrases, like the obscure 16-character one I use, are far more secure, but a real pain to enter repeatedly. A fingerprint reader, if properly implemented, provides the security of a long passphrase, with more convenience than even a short passcode.

Touch ID isn’t a panacea for the modern world’s security problems, but it’s an important addition to the system that combines advanced technology with good usability.