How Secure Is Microsoft's Fingerprint Reader?

Moos3d asks: "I recently found out about this Microsoft Fingerprint Reader at the library and ever since then I have been fascinated by using something like this for my own PC. How secure is this compared to using multiple 10+ character long passwords? Some people I've talked to seem to think it isn't safe at all and some people seem to think it is only safe for casual use. I only plan to use it for online forums and other applications that don't require great measures of security so it seems to be perfect for me, but how secure do you think it really is?"

How do you plan to use it?

[kosmosik]

How do you plan to use it? You've mentioned online forums etc. - they don't support this (at least majority of forums I know), most of such sites use passwords, often in unencrypted matter - if you are sending unencrypted password between two untrusted hosts etc. really password quality (be it 123809243+ random characters) does not matter at all...

How it is secure depends on how you plan to implement it. Security is not about buing some gizmo, security is a complex project from ground up/design to implementation and also the hardest part - human element.

So this device alone cannot be proclaimed safe or unsafe - it depends on how you will use it.

I don't really track this specific hardware. I just commented about merit of your question in general.

A place where it works

[samael]

The hospital my father works in uses these to control access to data entry in the neonatal ward. The nurses would otherwise be typing in passwords about 300 times a day, as the computers lock whenever someone isn't standing at them. It means that the tracking data for who entered what data is always correct and that time isn't taken up typing in passwords all the time.

I'm not sure how easy they are to fool, but in the hospital, where people wouldn't be at the terminals unless they were a recognised user anyway, they're perfect.

Don't mean to troll, but...

[TheWanderingHermit]

I really do not mean this just as a troll, but after all the problems with Windows, IE, Outlook, and Office, I find it impossible to feel secure with ANYTHING Microsoft sells. I feel they have proven their focus is on getting a product out and getting the money, THEN worrying about fixing it, which is usually done with upgrades that cost more money. They're a business, and their goal is to get you to buy it, but I have yet to see one shred of evidence that they are as concerned about their products being secure as they are about getting paid.

I think I once read something about Bill Gates saying his business model was to first promise something great, second, get the money, third, deliver it, and fourth, worry about the bugs and fixes later. We all know, though, that once you've sold something, the support from almost anywhere is not as focused as their efforts to produce the next thing they can sell, which is often the upgrade to fix the problems in the earlier version.

Easy bypass...

[aoasus]

Violently remove finger, discard remainder of human. Apply finger to biometric scanner.

I've seen it in movies. What's to stop someone from using this technique?

It is not possible

[Lead+Butthead]

Anything digital can cracked. Although I don't want to come across as some sort of M$ lover, but M$ is being slamed constantly because it is currently the biggest fish in pond (or is it bullie in the neighborhood? but I digress...) There is little doubt in my mind that when Linux overtake M$, it will be on the receiving end of same treatment.