Where ‘2’ is Weaker than ‘1’
It’s where biometrics is deployed with a password (default/fallback) in a two-entrance/in-parallel formation (as against a two-layer/in-series formation)
Wondering why and how on earth can such an unearthly thing actually happen? — Spend 2 minutes for this video — “Biometrics in Cyber Space ” https://youtu.be/wuhB5vxKYlg
‘3’ can also be weaker than ‘2’ where another authenticator is brought in — “3-Factor Configuration Weaker than 2-Factor Authentication “ https://www.linkedin.com/pulse/3-factor-configuration-weaker-than-2-factor-hitoshi-kokumai/
Incidentally, there would be nothing wrong in deploying biometrics with a default/fallback password if vendors state transparently that the benefit of biometrics used for authentication in cyberspace is ‘better availability’ obtained by sacrificing the security that the password on its own somehow provides.
What is wrong is that they mislead the public to believe that it contributes to ‘better security’, thus spreading a false sense of security and thereby weakening the defence line of democratic nations from within when we have to face fierce cyberattacks from adversaries of democracy.
More comments on this issue is collected here — “Biometrics Unravelled | password-dependent password-killer” https://www.linkedin.com/pulse/biometrics-unravelled-password-dependent-hitoshi-kokumai/
PS The illustration above was published in 2004. In other words, I have kept raising the alarm since then.