Fingerprint ID sounds super-cyber-state-of-the-art, but really it’s just meat. Quite primitive. Here’s a great article from Elliot Williams on Hackaday about why fingerprints, however snazzy they may sound, are already outdated as security.
Your pull quote:
Passwords are supposed to be secret, like the name of your childhood pet. In contrast, you carry your fingers around with you out in the open nearly everywhere you go. Passwords also need to be revocable. In the case that your password does get revealed, it’s great to be able to simply pick another one. You don’t want to have to revoke your fingers. Finally, and this is the kicker, you want your password to be hashable, in order to protect the password database itself from theft.
And an excellent quote from the 2600 group on Fedbook:
Jason Barbier: I’ve said it once, I’ll say it some more, BIOMETRICS ARE NOT PASSWORDS. Your fingerprint, retina, nose print, whatever flavor of the month of using your body to identify you is your username. In an ideal security picture you would use a username or fingerprint to tell the computer who you are, then a passphrase and some sort of one-time token to verify that you are who you say you are.
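Both quotes come down to the same requirement: a verifier has to be hashable and revocable. The Python sketch below is an added example, not code from the Hackaday article or the quoted post; the 64-byte "template", the one-bit sensor noise and the 8-bit tolerance are constructed for illustration and do not model a real fingerprint matcher.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed setting)

def enroll(secret: bytes) -> tuple[bytes, bytes]:
    """Keep only a random salt and a slow hash, never the secret itself."""
    salt = secrets.token_bytes(16)
    return salt, hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS)

def verify(secret: bytes, record: tuple[bytes, bytes]) -> bool:
    """Recompute the hash and compare in constant time: exact match only."""
    salt, stored = record
    candidate = hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS)
    return hmac.compare_digest(candidate, stored)

def bit_distance(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def demo() -> dict:
    # Password: hashable, and revocable by enrolling a new one.
    record = enroll(b"first passphrase")
    password_ok = verify(b"first passphrase", record)
    record = enroll(b"replacement passphrase")  # old one is now dead
    old_rejected = not verify(b"first passphrase", record)

    # Constructed stand-in for a fingerprint template (64 bytes), and a
    # second scan of the same finger that differs by one bit of noise.
    template = hashlib.sha512(b"constructed sample template").digest()
    rescan = bytearray(template)
    rescan[17] ^= 0x04
    rescan = bytes(rescan)

    # Hashing destroys closeness, so the hashed record rejects the rescan.
    rescan_hash_match = verify(rescan, enroll(template))
    # A matcher needs a tolerance (8 bits here, assumed), so a plain
    # password-style hash cannot protect the stored template.
    distance = bit_distance(template, rescan)
    return {
        "password_ok": password_ok,
        "old_password_rejected": old_rejected,
        "rescan_hash_match": rescan_hash_match,
        "bit_distance": distance,
        "fuzzy_match": distance <= 8,
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```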