Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iPhone X Is it me, or does Face ID suck? [MERGED]
- Thread starter saxman211
- Start date
-
- Tags
- face id
- Sort by reaction score
I’ve had to adapt to much more difficult things in life.
Face ID has taught me that I need to unlock my device when I’m ready to look at it, & that it’s no big deal to have it unlocked before then.
It doesn't suck in portrait. It sucks when I'm in landscape and I have to authenticate something, but I need to rotate the phone for it to work.
Agree! I hate Face ID!! Never recognizes me and VERY instrusivr into what I’m doing. My fingerprint is mine only...how is this face crap any more secure?
FaceID works slower than TouchID in some situations, like pulling your phone out of your pocket for a quick glance. But it is more convenient in some situations as well. It's a mixed bag.
I miss TouchID very rarely these days.
In the winter, my skin gets dry and I would have to re-register TouchID very frequently. With FaceID, not once. Plus, no errors after showers when my skin is damp.
All in all, FaceID is the future. Just keep refining FaceID, and we will be fine.
For those having issues, I got much quicker unlocking and better ID registering in poorer lighting further away from my face than recommended, at a lower angle like I was looking at the phone from waist level.
I miss TouchID very rarely these days.
In the winter, my skin gets dry and I would have to re-register TouchID very frequently. With FaceID, not once. Plus, no errors after showers when my skin is damp.
All in all, FaceID is the future. Just keep refining FaceID, and we will be fine.
For those having issues, I got much quicker unlocking and better ID registering in poorer lighting further away from my face than recommended, at a lower angle like I was looking at the phone from waist level.
Are you aware of any other smart phone manufacturer that uses 3-D facial mapping recognition?
How many times do you need to authenticate something on your phone in Landscape in comparison to Portrait?
Last edited:
Having used an iPhone X for the better part of a year, and now an iPad Pro for a few months, I’m all in on FaceID. The X took a bit of getting used to, but I soon came to prefer it over my company-issued iPhone 7’s Touch ID.
The iPad Pro took it to a whole new level, imho.
The iPad Pro took it to a whole new level, imho.
There’s some websites that require you to rotate to landscape to use, and need to log on.
Face ID sucks mainly because it doesn't fulfill all the use cases of the technology it's replacing (TouchID). It's a very bad thing for a security measure to only work under certain conditions, and then force you to use a "less secure" (passcode) method later on. This may not seem like a big deal, right up until you are in a bad situation and need it to work immediately, or until you have someone come into your life with malicious intent.
TouchID as a practice is better because it is virtually impossible to crack in the real world. However, public perception is quite the opposite, and I blame shows like NCIS. In them, they show fingerprint technology as if it's the easiest thing in the world to lift a clean print from someone's hand that will unlock their device. In reality, most people never leave more than partial fingerprints anywhere they go, or their fingerprints are usually mixed in with everyone else's. Someone would have to go through a lot of effort to obtain even one clean print that could be used to unlock your phone.
This should be obvious - fingerprints are secure because nobody knows what a particular one looks like, and they are virtually impossible to get a picture of in the real world. They're secure because each particular print pattern is a mystery, even to you. Most people could not pick out their fingerprint from a lineup. Also, they're not susceptible to "good enough" attacks, where (as in the case of close relatives or twins), the phone can't tell the difference using facial recognition technology. Fingerprints don't have that issue - even identical twins have unique prints.
With facial ID, it's (relatively) trivial for someone to set up HD cameras, hidden or not, that can capture enough detail and 3D data to accurately mimic someone's face. It's a bad thing when an average person like me can see a clear path to hacking your iPhone - use an old MS Kinect or two for depth perception, 2-3 HD cameras, and a 3D printer. Given that the phone relies on a "mathematical interpretation" of your 3D facial pattern, a hacker doesn't have to access the camera to fool the device into thinking its received the correct information - they just have to have a way to pass in the correct "mathematical" pattern, and with an accurate representation of your face on hand, they have a lot of time to get it right.
People are generally misinformed about data security because they assume an attacker is going after them personally. But with the setup I just described (which totals perhaps $5,000-$10,000 tops), a hacker could have their pick of thousands of people, and select the ones who they suspect or know have something valuable they want to steal.
This doesn't matter to you right up until you're just about ready to tap into some large savings account or get a large line of credit, only to discover that it was infiltrated by someone who had your biometric data (and consequently, all your other data). You do remember that Facebook (80 million), Mariott (383 Million), Target (70 Million), Equifax (143 million), Anthem health insurance (80 million) and literally hundreds of others have been hacked over the last decade, right? Every new "security" measure just gives hackers another vector to steal your identity. Even merely "storing it in the device only" doesn't do much good, because no hacker is going to tell Apple that they discovered a way to perform a man in the middle (or some other more sophisticated) hands-off attack. Every security measure is basically just a company pretending to secure your devices while (inadvertently or not) stockpiling a huge amount of information just ripe for the malicious attacker to mine.
Also, there's the issue of time, so-called "edge-case" convenience, and what UI designers might call a "persistent snag." Looking at your phone in bed in a dark room from an oblique angle is not an unusual edge case. But that causes FaceID to fail, forcing you to enter your code. We never get any more time added to our lives, and even if it only takes an additional couple seconds to enter a code, that adds up to minutes a week or even hours a year of your life spent trying to just get inside your phone. This is a persistent snag that is as annoying as a splinter, and has no place in a device that costs $1,000.
So! FaceID, for whatever convenience it does offer (and it obviously offers a decent amount or they wouldn't keep using it) fails to cover all the use cases of fingerprint ID's. It slows you down, even if you don't realize it. It's not as secure, it's not as convenient, it's not as reliable. So why are we being forced to use it again?
TouchID as a practice is better because it is virtually impossible to crack in the real world. However, public perception is quite the opposite, and I blame shows like NCIS. In them, they show fingerprint technology as if it's the easiest thing in the world to lift a clean print from someone's hand that will unlock their device. In reality, most people never leave more than partial fingerprints anywhere they go, or their fingerprints are usually mixed in with everyone else's. Someone would have to go through a lot of effort to obtain even one clean print that could be used to unlock your phone.
This should be obvious - fingerprints are secure because nobody knows what a particular one looks like, and they are virtually impossible to get a picture of in the real world. They're secure because each particular print pattern is a mystery, even to you. Most people could not pick out their fingerprint from a lineup. Also, they're not susceptible to "good enough" attacks, where (as in the case of close relatives or twins), the phone can't tell the difference using facial recognition technology. Fingerprints don't have that issue - even identical twins have unique prints.
With facial ID, it's (relatively) trivial for someone to set up HD cameras, hidden or not, that can capture enough detail and 3D data to accurately mimic someone's face. It's a bad thing when an average person like me can see a clear path to hacking your iPhone - use an old MS Kinect or two for depth perception, 2-3 HD cameras, and a 3D printer. Given that the phone relies on a "mathematical interpretation" of your 3D facial pattern, a hacker doesn't have to access the camera to fool the device into thinking its received the correct information - they just have to have a way to pass in the correct "mathematical" pattern, and with an accurate representation of your face on hand, they have a lot of time to get it right.
People are generally misinformed about data security because they assume an attacker is going after them personally. But with the setup I just described (which totals perhaps $5,000-$10,000 tops), a hacker could have their pick of thousands of people, and select the ones who they suspect or know have something valuable they want to steal.
This doesn't matter to you right up until you're just about ready to tap into some large savings account or get a large line of credit, only to discover that it was infiltrated by someone who had your biometric data (and consequently, all your other data). You do remember that Facebook (80 million), Mariott (383 Million), Target (70 Million), Equifax (143 million), Anthem health insurance (80 million) and literally hundreds of others have been hacked over the last decade, right? Every new "security" measure just gives hackers another vector to steal your identity. Even merely "storing it in the device only" doesn't do much good, because no hacker is going to tell Apple that they discovered a way to perform a man in the middle (or some other more sophisticated) hands-off attack. Every security measure is basically just a company pretending to secure your devices while (inadvertently or not) stockpiling a huge amount of information just ripe for the malicious attacker to mine.
Also, there's the issue of time, so-called "edge-case" convenience, and what UI designers might call a "persistent snag." Looking at your phone in bed in a dark room from an oblique angle is not an unusual edge case. But that causes FaceID to fail, forcing you to enter your code. We never get any more time added to our lives, and even if it only takes an additional couple seconds to enter a code, that adds up to minutes a week or even hours a year of your life spent trying to just get inside your phone. This is a persistent snag that is as annoying as a splinter, and has no place in a device that costs $1,000.
So! FaceID, for whatever convenience it does offer (and it obviously offers a decent amount or they wouldn't keep using it) fails to cover all the use cases of fingerprint ID's. It slows you down, even if you don't realize it. It's not as secure, it's not as convenient, it's not as reliable. So why are we being forced to use it again?
I find FaceID more convenient and more reliable than TouchID so your conclusion isn't right. Given the choice, I'd pick FaceID over TouchID. It's almost making me want to change my TouchID iPad for a FaceID one.
I doubt very much he was considering your opinion when forming his own though.
I prefer the Touch ID on my MBP. On my iPad Pro Face ID works ok IF the camera is looking straight at me - and provided there is sufficient light. Under very lowlight conditions it fails. Not so with the facial ID system Microsoft uses on their Surface Laptop. That one works well under low light conditions.
Having worked in the store I discovered FACE ID doesn't work for ugly people only the good looking ones.
Just kidding.
One thing I did learn, the first few days it seems to work better over time if you unlock it multiple times in different light levels. If you wear glasses, alternate unlocking with and without.
Just kidding.
One thing I did learn, the first few days it seems to work better over time if you unlock it multiple times in different light levels. If you wear glasses, alternate unlocking with and without.
Your passcode isn't less secure. Your passcode IS your security. Your fingerprint / face are just convenience methods so you don't have to type in your passcode. When you've gone too long without unlocking, they don't say to enter your fingerprint/face before your passcode is unlocked, they make you to unlock with the passcode before the more convenient methods are enabled. That right there should give you a giant clue about which is more secure. There are many more examples of the OS preferring your passcode.
That being said, I disagree with your conclusion. I happen to find FaceID the better system for my needs.