Lenovo's craptastic fingerprint scanner has a hardcoded password
.
Come on IT people, you're just noy trying hard enough! Windows 10 centralized this function (probably for data mining).
Lenovo wants ThinkPad owners to update their machines after its Fingerprint Manager Pro software was found to contain serious security vulnerabilities.
Among the glaring flaws cited: a hardcoded password. In the fingerprint scanner. To log into the computer.
"Sensitive data stored by Lenovo Fingerprint Manager Pro, including users Windows logon credentials and fingerprint data, is encrypted using a weak algorithm, contains a hard-coded password, and is accessible to all users with local non-administrative access to the system it is installed in," Lenovo said in fessing up on Thursday.
.
.
Lenovo says Fingerprint Manager Pro was used with the Thinkpad, ThinkCentre, and ThinkStation machines running Windows 7, Windows 8, and Windows 8.1. The tool could be configured to store and authenticate website credentials via fingerprint.
https://www.theregister.co.uk/2018/01/26/lenovo_thinkpad_fingerprint_manager_vulnerability/
.