[unisog] Biometrics for Active Directory Authentication

Alan Amesbury amesbury at oitsec.umn.edu
Wed Dec 14 23:23:59 GMT 2005


Micheal Cottingham wrote:

>We are (re)visiting using biometrics for Active Directory auth. More
>specifically, fingerprinting. Anybody looked in to this or done it? If
>so, any recommendations for software? What about hardware? Right now we
>have a couple of test devices from BAC and Marco. We'd like to stick
>with those.
>  
>

Keep in mind they're not that hard to fool:

    http://www.yubanet.com/artman/publish/article_28878.shtml


I suspect a token-based system, e.g., SecurID, would be far more
difficult to defeat, but don't recall seeing any solid, objective
research on that.


--
Alan Amesbury
University of Minnesota


More information about the unisog mailing list