Was in two minds as to which forum to post this to. Either tech or spam ... but I thought this might be a better fit:
Probably the most stupid thing in the world is to make use of your fingerprints as a pass key.
The 2 major flaws are:
- Inability to change your fingerprints - so after a database is compromised that's it (and face it, many sites have been compromised in the past and they certainly won't be the last). You're stuck with 10 chances for life, unless you want to start using your toes or get a finger transplant.
- The more scary version: Using your fingerprints as a pass key is worse than tattooing your password on your hand. You're basically making a physical copy of your pass key on everything you ever touch. It's more like writing your password down on everything around you, ever, throughout your entire lifespan. Are you going to keep wearing gloves?
And that's not even trying to consider any further problems like the level of hashing - the stronger the hashing the more finicky the password scanner becomes. The more usable it is the more chance that someone else's fingerprint might be recognized as yours. Or even worse - you're now using the same "password" for everything from your bank account to your Facebook login to the password for this site.
So fingerprints (contrary to actually making a better pass key) have all the problems of passwords (e.g. forgetting which finger you used and at what angle you pressed), but add some scary ones of their own.
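The hashing trade-off mentioned in the post, sketched as an added example that is not part of the original post: an exact cryptographic hash rejects every noisy re-scan of the right finger, while a tolerance-based matcher has to trade false rejects against false accepts. The 64-bit template, the Hamming-distance matcher and all scan values are constructed simplifications; real fingerprint matchers compare minutiae features.

```python
import hashlib

BITS = 64
ENROLLED = 0x5A3C96E1B4D2078F  # constructed 64-bit feature template


def flip(template, positions):
    """Return the template with the given bit positions inverted (simulated noise)."""
    for p in positions:
        template ^= 1 << p
    return template


# Constructed scans: the same finger read with 2, 5 and 12 noisy bits,
# and three other people's fingers differing in 10, 22 and 30 bits.
GENUINE = [flip(ENROLLED, range(0, n)) for n in (2, 5, 12)]
IMPOSTOR = [flip(ENROLLED, range(20, 20 + n)) for n in (10, 22, 30)]


def digest(template):
    return hashlib.sha256(template.to_bytes(BITS // 8, "big")).hexdigest()


def exact_hash_accepts(scan):
    """Password-style check: a single differing bit changes the whole digest."""
    return digest(scan) == digest(ENROLLED)


def hamming(a, b):
    return bin(a ^ b).count("1")


def rates(threshold):
    """Return (false reject rate, false accept rate) when accepting distance <= threshold."""
    frr = sum(hamming(ENROLLED, s) > threshold for s in GENUINE) / len(GENUINE)
    far = sum(hamming(ENROLLED, s) <= threshold for s in IMPOSTOR) / len(IMPOSTOR)
    return frr, far


if __name__ == "__main__":
    print("exact hash accepts any genuine re-scan:",
          any(exact_hash_accepts(s) for s in GENUINE))
    for t in (0, 4, 9, 12, 16, 30):
        frr, far = rates(t)
        print(f"threshold={t:2d}  FRR={frr:.2f}  FAR={far:.2f}")
```

In this constructed data set no threshold gives zero for both rates, because the noisiest genuine scan is further from the enrolled template than the closest impostor.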