Poor Design

Cheating Windows Out Of Cheating You (The Fingerprint Reader)

For all I know, this is a well-known problem with an easy solution, but after searching online, it seems like many people have the same problem, and nobody has a solution.

The problem, for some reason, is this: If you have a fingerprint reader (as a faster log-in method so you don’t have to type your password), and the sensor/Windows doesn’t verify your fingerprint after about 3 tries, Windows will require you to type your password.

It seems like Windows is being insane.  I can’t think of a reasonable security rationale for not allowing unlimited fingerprint tries, when of course you have unlimited password attempts.

The workaround is this: Alternate the fingers you use in between unsuccessful fingerprint verifications.

If finger #1 doesn’t work, try finger #2 next.  If that doesn’t work, go back to finger #1.  Windows allows you to register at least two fingerprints, so everyone who has this problem ought to be able to use this workaround.

When you use this workaround, the number of tries that Windows gives you goes way up.  It seems like more than enough to eventually get a successful fingerprint verification, at which point you’re logged in.

Of course, this makes the whole thing seem even more insane.  If there were no security rationale to begin with, then I really, really have no idea how to describe the security rationale for this extended workaround.