Not OP, but...

Fingerprints, as far as most readers are concerned, aren't too difficult to duplicate sufficiently.

You can obtain someone's fingerprints from photos, as the German defence minister found out years ago[1]. Also you leave them everywhere and your laptop is likely covered in them. You can't effectively change or revoke them.

You can reproduce them with varying levels of success with photoshop, a laser printer, gelatin and some home PCB etching gear.

And unlike passwords, there's no 5th amendment right covering them for Yanks. (The latter is debatable for passwords, but is absolutely not for fingerprints.)

They may be "good enough" security, depending on your threat model. But they're pretty shit for security, all things considered.

[1] https://arstechnica.com/information-technology/2014/12/polit...

For biometrics in general, there's a huge list, starting from cannot change and therefore rely on the implementation, all the way down to hard to deny that I have access. While I can say, no, I don't have a password to this random device you are showing me, with biometrics, you can just wave it in front of my face and it unlocks. Maybe even when I am asleep / unconscious.

For the specific case here, about my laptop: for instance, I can't simply hand the notebook to my dad, _telling_ him the password and he's good to go. This is the downside where I can't simply share a (biometric) login, even if I want to. Which also means that every access automatically implies that it's really me, and not someone else I just gave quick access to without reconfiguring the system.

Biometrics are typically immutable. If your password gets compromised, you can simply change it. You can't change a fingerprint.

Hello only works with a Microsoft account