How is biometric login protected against security leaks?
If a database full of passwords is leaked, a user can just make another password. Today biometric security checks like fingerprint scanners and face recognition are often promoted as good security measures, but let’s say that a database of face scans is stolen. People can’t get a new face. Is Face ID now unusable for all those affected, or is there some additional security measures that make Face ID usable as a login method?
Note: I understand that information like passwords is (hopefully) stored in secured hashes, with salt, and so on, to make stealing of databases less of an impact on security. My question is about security mechanisms that exist to allow reusability of biometric login tokens, not about security measures that secure data in database theft scenarios.
