“breaks” is kind of a strong word to use here. They unlocked the device with a replica of the person’s fingerprint, not unlike opening a padlock with a lockpick or a replica of thekey.
To “break” it, in my opinion, would require unlocking it without any access to the person’s fingerprint, or somehow extract the fingerprint image from the hardware chip.
Just as Android’s unlock pattern was found to be weak due to finger smudging on the screen, it’s just one way of securing the device. If you don’t care at all about security, don’t use any locking mechanism on the device. If you want some degree of protection but have to unlock the device constantly, pick a 4-digit PIN. If you need lots of protection, use a full passphrase. TouchID is just one additional way of securing your device.
I think a lot of people that weren’t using any PIN will now use TouchID. It will cut down on theft without inconveniencing people. Those that still require high security and/or are willing to be inconvenienced will continue to use a passphrase. Or better yet, use both for a two-factor authentication.
“breaks” is kind of a strong word to use here. They unlocked the device with a replica of the person’s fingerprint, not unlike opening a padlock with a lockpick or a replica of thekey.
To “break” it, in my opinion, would require unlocking it without any access to the person’s fingerprint, or somehow extract the fingerprint image from the hardware chip.
Just as Android’s unlock pattern was found to be weak due to finger smudging on the screen, it’s just one way of securing the device. If you don’t care at all about security, don’t use any locking mechanism on the device. If you want some degree of protection but have to unlock the device constantly, pick a 4-digit PIN. If you need lots of protection, use a full passphrase. TouchID is just one additional way of securing your device.
I think a lot of people that weren’t using any PIN will now use TouchID. It will cut down on theft without inconveniencing people. Those that still require high security and/or are willing to be inconvenienced will continue to use a passphrase. Or better yet, use both for a two-factor authentication.