Biometric authentication

Question

I have a requirement for a two factor authentication for SSL VPN users. first one being LDAP and second one being biometric using thumb / finger scan.&nbsp;
Please share your experience for such a solution.&nbsp;
Thanks,
Raghav&nbsp;

hamish · Answer

Yes.&nbsp;
Biometrics don't (currently) work reliably. Especially thumb/finger scanning. Way too easy to fake. Way too easy for people to get thoroughly annoyed when it doesn't work for them because they're sweaty, been working and scuffed their fingertips, swimming, cleaning, having a bath... etc etc..&nbsp;
There are numerous sites round showing how to fake fingerprints just with a copy from a glass and a bit of gelatin (or PVA etc). Or if it's really important some bloke loses his finger (That was a real one IIRC from back in the early 2000's).&nbsp;
On the other hand, I have implemented situations where two authentications are required. e.g. 2 factor secureID PLUS password... That's supported OOTB by the BigIP APM login pages.&nbsp;
H&nbsp;

alb3 · Answer

Any other feedback?&nbsp;

Forum Discussion

Biometric authentication

2 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries R2600 Tenant sizing

About AWAF "Redirect URLs" in "Responses and Blocks"

ISP Bandwidth Utilization

F5 Rseries HA

Related Content

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Doing mTLS Authentication per URL

Distributed caching of authentication requests with NGINX Ingress Controller

Application Programming Interface (API) Authentication types simplified

iControl REST Authentication Token Management