Do you use biometrics or is it a no go in the privacy & security scene in 2026?
From my research, it seems a bit of a no go but I wanted to see what people thought of it today since a lot of critical services are pushing for it.
Since having moved to GOS, it's only passcode and alphanumeric passwords for me. But I used to use FaceID only to unlock and use Apple Pay for convenience.
For example?
For the local authentication on my smartphone (GOS) I use fingerprint with MFA.
So it is fingerprint + PIN or 12-word passphrase.
For example my bank offers voice ID to login to my account.
Wow. That’s bad. I would not do this. Or at least find a way to log in without it.
12-word passphrase is more than overkill, no? Or is it a sentence you type relatively quickly.
For example?
Google Pay, my bank, many digital IDs, duo auth push for LOCAL phone authentication with the fingerprint instead of the phone's PIN. They are not forcing it.
I think this comes mainly because a fingerprint is still more secure than a 4-digit PIN like 1234.
And since the app developer can’t control the security of the pin/password length, they try to push users to an authentication method that is, independent of the user, considered as safe.
Edit:
12-word passphrase is more than overkill, no? Or is it a sentence you type relatively quickly.
Maybe ….
Yeah that’s what I thought. But OP is implying otherwise.
Edit: I see OP said pushing it, not mandating it.
Yeah I have a similar set up for my admin password for my Linux. Easier than remembering words that don’t connect with each other but still equally strong/overkill.
Yeah I have a similar set up for my admin password for my Linux.
On the admin password for my Linux I don’t really care at all.
The attacker would first need an unlocked LUKS container (I use FDE) and if they already have the data in decrypted form it doesn’t matter anymore.
So the LUKS passphrase is the information that I try to maximize.
On smartphone the decryption key is tied to the owner's PIN/password, that's why I hardened it.
I guess this is how I meant it. LUKS. I conflated the two here.
Oh no, they are not forcing it, it's just optional.
I just wanted to see mainly what people use more for locking/unlocking their Android or iOS device since convenience plays a big part in it.
Biometrics are great. They let you have a really long password if you want without the inconvenience of having to type it every time (you have to type it when your phone restarts which is when it’s the most secure anyway). They also stop people shoulder surfing you and viewing your screen.
Btw, since you’re new here - responding to your own post does not notify others. You need to reply to each comment you want to respond to.
FYI.
Then simply authenticate with FaceID at most. Anything more is too invasive.
Yes. But the key is balance. Strong password where needed with selectively using biometrics for convenience.
Finger bio, yes, to minimize exposure to shoulder surfing, but use pass codes for app unlock.
How do I reply to just a portion of a post?
Highlight and “quote”
Gotcha
Considering how often we all unlock our devices all day, this can become a pain real fast. I would still say unless your threat model warrants it, FaceID is enough even for unlocking. It's such a pain otherwise - to me at least.
What about privacy concerns especially in oppressive regimes like surveillance or tracking?
Face ID is not available on GrapheneOS. And it also depends on the apps. Some only use the same login as your device, even though I prefer to use separate pins whenever possible. I prefer to type my pin because the real annoyance is when my phone doesn’t recognize my fingerprint, probably due to the screen protector. I mainly use finger bio to unlock during transit.