Hi all, I'm about to buy a Librem5 (but it's too long to wait!! 6 months). Anyway, what about using a voice password to unlock the phone/apps? It’s the safest password! Safer than a password that could be spied on and used after stealing the phone. A voice password is unique and can’t be stolen, not even by recording the voice. In fact, some banks use it to authenticate their customers when they call by phone. No more biometric sensors, no fingerprints, no iris, just my voice.
What do you think?
I think it is authentication by public data. How I look, how my voice sounds - this is public, and therefore unsuitable for authentication.
The assumption that the voice can’t be imitated is going to be a very short-lived one.
AI-based voice spoofing is already good enough to fool people. While I’m not sure if a computer could detect the difference, I am sure it’s only a matter of time until the technology is advanced enough to be indistinguishable.
This.
If someone records you unlocking the phone, I am pretty sure the fidelity of the recording will be good enough to unlock the phone subsequently. It is true that you can make it harder by having a challenge word or passphrase that is randomly chosen and put up on the screen for you to voice, but clearly there can only be a certain number of such words or passphrases that you have registered with the phone previously and so pretty soon you will be using a word or passphrase that has previously been used.
Is this a major problem? It is if you intend ever to unlock the phone in a public place.
If you wanted to make this less weak, you could make it an audio-visual unlock i.e. the phone has to both see and hear you voicing the password.
Not only public but not readily changed in the event of a compromise, a problem that is shared with biometrics in general (fingerprints, iris, facial recognition).
Who would want a ‘password’ that could never be changed?
Thank you for your answers. So, please, let me explain my trouble so you can help me to solve it.
I’m a tour leader, so I’m always traveling and I lead groups of tourists in the busiest (crowded) places. That means it’s a problem for me to type a password, since it can easily be spied on by someone, who could then steal my phone and access it. So what’s the unlock method used in the Librem5? I can’t find it in the threads. Also, is the data encrypted? If I understood correctly, yes. But does the Librem5 have a chip to make decryption fast, as I know iPhones have? (Never had an iPhone in my life).
Thank you for your answer
PS: maybe the best unlock is the one used by Blackberry? Picture password. I didn’t know about it; I read a post here in the forum where a user mentioned it. It seems the best.
Star Trek technology is here. Don’t speak the Captain’s password for the warp core breach! (But then you’d have to be the Captain, wouldn’t you?)
While I generally dislike the voice password idea, I can see how it can be useful for you to protect from a simplistic thief. Imitating one’s voice is admittedly harder than typing in a stolen password. And convenience is undeniable.
That said, I’m guessing Librem 5 will not have it in the near future.
So if you wake up some morning with a sore and scratchy voice (maybe an octave off of your normal tone), are you just locked out until your voice gets better?
I’d like to echo that while I agree voice as authentication is flawed, using voice for identification while also using the spoken passphrase as authentication has a certain appeal.
I also think dwaff hit on an important point of this being reasonably good security against an unsophisticated attacker which I think is the more common attacker for the majority of people.
For the concern about loss of voice/scratchy voice/etc., you could have a more complex written passcode to enter as an alternative, thus allowing the choice of which authentication method to use at the time of unlock.
I wonder if you could do something with the hardware buttons to unlock the phone? Like power > volume up > power > volume down > volume up > power or something?
Presumably there would be a vanilla entered password alternative.
The beauty of the Librem 5 is that, as far as I can see, there are no technical obstacles to having that functionality today (well, other than that most people don’t have their phone yet) so if @veleno wants it today then perhaps a PAM module will do the trick.
When I talk about technical obstacles though I am only talking about unlocking an already booted phone. I don’t think we’ll see the LUKS / Librem Key boot unlock via voice recognition any time soon.
Once again though I would not use this functionality myself - for all the reasons discussed.
This is a problem. Not only by people around you but with video (both CCTV and mobile phones and anything in between). And it’s not even needed to see the screen as the pin entry is done with a static (always identical) numpad. I’ve also previously suggested ideas to make typing more safe and login more secure - options for the user to select which they would like to use. Audio/voice is not the only one. A pad that changes randomly, a full keyboard instead of numbers, hidden [invisible/unmarked areas for] keys/touches, adding rhythm/frequency/timing as part of the access key or possibility to make the pin/login dynamic depending on the time or something (a variation of a group of PINs depending for instance which hour it is or is the minute odd/even etc. - make it as complex or simple as you want) - or even having a PIN+voice option (one or both could have dynamic variation). What @Gavaudan mentioned about the hardware keys could also be an option, but it could interfere if user is using services (or even login options) that require location or network in the background. Unfortunately I’m not an expert in this field and something this critical I’d rather see taken up by the manufacturer.
Btw. outside of these, there is also the possibility of using Librem Key for login too.
This is fairly standard. Internet banking has had this for decades i.e. specifically where you are just entering a numeric PIN.
It doesn’t even need to be cryptographically strong randomness. However, ideally, the pad would randomise before each digit. Would users tolerate that? (That isn’t a major objection though because users should always be free to choose between a) randomisation before each digit b) randomisation only on initial presentation of the pad c) no randomisation.)
You’ve given lots of good ideas for unlock security - but maybe the phone needs to get out the door first. There will be plenty of time for strengthening the unlock afterwards. As they say, Il meglio è l’inimico del bene.
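The three pad options (a/b/c) from the posts above, as an added example that is not part of any forum post: a Python simulation of what an observer who sees only finger positions (not the screen) learns, including the fact that option b still reveals which digits repeat. Function names, mode names and sample PINs are constructed for illustration.

```python
import random
import secrets

STATIC = "1234567890"  # key at screen position 0..9 on a fixed pad (constructed layout)
MODES = ("none", "initial", "per_digit")  # options c, b, a from the thread

def new_layout(rng):
    keys = list(STATIC)
    rng.shuffle(keys)
    return "".join(keys)

def enter_pin(pin, mode="none", rng=None):
    """Simulate PIN entry; return (positions touched, layout shown per digit)."""
    if mode not in MODES:
        raise ValueError(f"unknown mode: {mode}")
    rng = rng or secrets.SystemRandom()
    layout = STATIC if mode == "none" else new_layout(rng)
    touches, layouts = [], []
    for digit in pin:
        if mode == "per_digit" and touches:
            layout = new_layout(rng)  # reshuffle before every further digit
        layouts.append(layout)
        touches.append(layout.index(digit))
    return touches, layouts

def phone_decode(touches, layouts):
    """The phone knows the layout it displayed, so it recovers the real PIN."""
    return "".join(layout[pos] for pos, layout in zip(touches, layouts))

def observer_guess(touches):
    """An onlooker without sight of the screen can only assume the static pad."""
    return "".join(STATIC[pos] for pos in touches)

def leak_rate(pin, mode, trials=500, seed=1):
    """Fraction of entries where finger positions alone reveal the PIN.
    Seeded non-cryptographic RNG: reproducible, and sufficient for a simulation."""
    rng = random.Random(seed)
    hits = sum(observer_guess(enter_pin(pin, mode, rng)[0]) == pin
               for _ in range(trials))
    return hits / trials

if __name__ == "__main__":
    for mode in MODES:
        print(mode, leak_rate("4711", mode))
    # With one shuffle per unlock, equal digits still land on equal positions.
    print(enter_pin("1122", "initial")[0])
```
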
Weeelll… philosophically speaking login by default could probably always be seen as an imperfection - after all we are entering (making a hole, creating an exception, an imperfection to the system to allow entry) and changing the state of something. So, good enough is what we will always have. I just hope we could have better, sooner - rather than later.
But another reason to push these ideas is that until now there really hasn’t been a device where they all could be implemented (or the ecosystem/company behind it wouldn’t), and that the PIN-code-to-a-keypad is an idea that is based on a decades-old analog/mechanical idea that clearly has vulnerabilities, especially in today’s world and in phones. And besides, it’s not only good from security and safety standpoints for the user to be able to define what they use and what matches their risk profile, but also what works for them from the usability side as well.
Btw. I like your addition to the numpad randomness (a/b/c).
Yes, it would be much more secure if you couldn’t log in at all.
Do you have coding skills? The intention of open source is that you can pursue these ideas yourself if you are not satisfied with the default PINpad security. Who can even say at this stage what the default security is?
A perfect system would be completely stable, secure, unchangeable, unusable and unpenetrable - a work of art that you only admire from the outside
Unfortunately my coding skills are limited and, as I said, with something this critical I wouldn’t trust me even if I could cobble something together.
There is that. However if you made it open source at least you could have it reviewed by many pairs of eyes.
So if you COULD admire it from the INSIDE, would that mean that the above given definition would change?
To me admiration can be done BOTH from the inside or the outside, but if it is done from the outside ONLY one would need to take that with a pinch of salt … kinda’ like closed-source
I’ve got it! Use a tongueprint and lick the screen to unlock the phone! : P
I think I’d like a highly configurable login method. For example, you could have security “modules” (like password, voice, face, fingerprint, hardware buttons) and you could have rules for what can unlock the phone. I might want a simple swipe + face in the morning, but a hardware + voice + fingerprint in a crowded place. So either combination can unlock the phone, but only if it is registered. And you could even add a blacklist, although I don’t know how useful that would be.
Ew. Just make sure that everyone keeps their phones to themselves. COVID anyone?