Fingerprints are Usernames, not Passwords

Fingerprints cannot, and absolutely must not, be used to authenticate an identity. For authentication, you need a password or passphrase. Something that can be independently chosen, changed, and rotated. Once your fingerprint is compromised (and, yes, it almost certainly already is, if you've crossed an international border or registered for a driver's license in most US states), how do you change it? Are you starting to see why this is a really bad idea?

Fingerprints are Usernames, not Passwords
Chaos Computer Club Cracks Apple TouchID