Which authentication method is inherently passwordless because it verifies the user by matching unique physical characteristics-such as a fingerprint or face-rather than requiring any typed code or shared secret?
Biometric authentication (fingerprint, facial recognition, iris scan, etc.) is passwordless because it relies on something the user is. The user's unique physical trait is captured and compared locally on the device, so no password or code is entered.
Incorrect choices:
A hardware security key still requires possession of a device but does not examine a physical trait.
A time-based one-time password (TOTP) requires the user to type a numeric code, so it still involves a password element.
A magic-link email sends a clickable link-no physical characteristic is checked, and the link is essentially a single-use secret.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are some examples of biometric authentication methods?
Open an interactive chat with Bash
How does biometric authentication improve security compared to traditional passwords?
Open an interactive chat with Bash
What are the potential drawbacks of using biometric authentication?