Is biometrics more “secure” than passwords?
This question at least poses two problems: biometrics is not equal to biometrics, and the term “secure” is in fact commonly used, but it is not exactly defined. However, we can try to collect pros and cons in order to find at least an intuitive answer. It is a matter of fact that the security of password protected values in particular depends on the user. If the user has to memorize too many passwords, he will use the same passwords for as many applications as possible. If this is not possible, he will go to construct very simple passwords. If this will also fail (e.g., if the construction rules are too complex), the next fall-back stage is to notify the password on paper. This would transform “secret knowledge” into “personal possession”. Of course, not every user will react this way. Rather the personal motivation plays an important role: is he aware of the potential loss caused by careless handling of the password? It is easy if the user is the owner. But often foreign possession (e