The problem with Biometric fingerprint readers

Biometric fingerprint readers allow you to logon to your computer in the active directory and to your favorite websites with the touch of your finger. Unfortunately, most users rely so much on fingerprint readers that they forget their domain password. This becomes frustrating when a user tries to access resources in the AD from a machine that does not have a fingerprint reader or is not in the AD.

Users start by entering the wrong passwords and eventually get locked out of their account thanks to Group Policy settings. You end up with your CIO attending a conference in Vegas asking you to reset his password and giving it over the phone. You start to wonder if the person calling is really the person they claim they are or some hacker trying social engineering techniques and start to think about how you could verify their identity, if the phone line is secure, whether you will loose your job if you don’t give him the temp password etc. It goes downhill from there…

Maybe fingerprint readers of the future will allow you to remotely/securely send credentials from any machine. Maybe they already exist.