Biometric authentication

Question

I have a requirement for a two factor authentication for SSL VPN users. first one being LDAP and second one being biometric using thumb / finger scan.&nbsp;
Please share your experience for such a solution.&nbsp;
Thanks,
Raghav&nbsp;

hamish · Answer

Yes.&nbsp;
Biometrics don't (currently) work reliably. Especially thumb/finger scanning. Way too easy to fake. Way too easy for people to get thoroughly annoyed when it doesn't work for them because they're sweaty, been working and scuffed their fingertips, swimming, cleaning, having a bath... etc etc..&nbsp;
There are numerous sites round showing how to fake fingerprints just with a copy from a glass and a bit of gelatin (or PVA etc). Or if it's really important some bloke loses his finger (That was a real one IIRC from back in the early 2000's).&nbsp;
On the other hand, I have implemented situations where two authentications are required. e.g. 2 factor secureID PLUS password... That's supported OOTB by the BigIP APM login pages.&nbsp;
H&nbsp;

alb3 · Answer

Any other feedback?&nbsp;

Forum Discussion

Biometric authentication

2 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Username is not filled in EdgeClient in the Modern customization

The GSLB pool is providing an incorrect IP to end users

iRule causing requests to be duplicated (sometimes)

Cisco TACACS+ Config on ISE LTM Pair

Related Content

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

iControl REST Authentication Token Management

Doing mTLS Authentication per URL

Two-Factor Authentication With Google Authenticator And APM

APM Sharepoint authentication

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS