If every decent software engineer knows that faces and fingerprints cannot be passwords because they're neither secret nor can you change them, then why does Apple, which is supposed to be a top-notch tech company, release features like that
@gargron mmmmmm I'm actually pretty happy with how TouchID is implemented from a security perspective. Your password is still required after any reboot or significant downtime, or for sensitive operations. It's not being used as a password, more as a proof of continued presence during inactivity.
Security is a usability/threat tradeoff and having TouchID enabled allows me to have a much longer password then would be practical normally. So overall it's a net positive.