Educause Security Discussion mailing list archives

Re: Security of Windows fingerprint reader

From: Chad McDonald <chad.mcdonald () GCSU EDU>
Date: Mon, 6 Jun 2005 15:46:48 -0400

Regardless of whose technology it is, in my opinion, encrypting the entire
HDD is the safest option.  BIOS can be overwritten, hard drives removed, you
can boot to a different OS, but if the data is encrypted on the drive
itself, then regardless of what ever break in is attempted, you ultimately
have to decrypt the data.  Just keep in mind that you'll still need your
keys to be secure (sorry, still no passwords under the keyboard).


Thanks,
Chad McDonald, CISSP
Chief Information Security Officer
Georgia College & State University
478.445.4473  Office
478.454.8250 Cell
478.445.1202 Fax

-----Original Message-----
From: Tristan RHODES [mailto:TristanRhodes () WEBER EDU]
Sent: Monday, June 06, 2005 3:04 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Security of Windows fingerprint reader

There are inexpensive fingerprint readers made by Microsoft which allow a
user to log into Windows using their fingerprint.

How secure are these?

If someone has physical access to the computer, are they still able to boot
into an alternative OS and insert a new password hash?  Or do these devices
have something that prevents this?  Is encrypting the filesystem
(EFS) required to protect your data?

Thanks,

Tristan Rhodes

Current thread:

Security of Windows fingerprint reader Tristan RHODES (Jun 06)
- <Possible follow-ups>
- Re: Security of Windows fingerprint reader Chad McDonald (Jun 06)
- Re: Security of Windows fingerprint reader Hart, Mark Smylie (Jun 07)
- Re: Security of Windows fingerprint reader Ken Shaurette (Jun 08)
- Re: Security of Windows fingerprint reader Hart, Mark Smylie (Jun 08)