2) With the arrival of optic based fingerprint scanners, the probabilityThis is not true, there has been a fair amount of research done on creating false finger print pads from latent fingerprints, which mostly consist of defining the oils left behind with, eg, black printer toner, capturing a high resolution image of the finger print with a digital camera or scanner, touching up the image as necessary in a photo editing suite, printing a negative of the finger print on to transparency, and burning a "circuit" with ultraviolet light (common in the home electronics scene). This makes a reusable mold in to which gelatin can be poured to make a false finger pad which regularly fools fingerprint scanners since it is of similar consistency to human finger print pads.
of getting authenticated on latent fingerprints (or by using a lifted
fingerprint) is very minimal.
This is true, and this increases the effort required on the part of the covert operative in order to capture a successful identification, however the underlying problem still exists: once a user's prints are successfully compromised, they have no opportunity to alter their key (finger prints). If my password is guessed, I can change it. If my SSH key is broken, I can change it. If my fingerprints are captured, I have no such opportunity.3) And you can use all the ten fingers of yours for authentication; it need not always be your thumbprint alone.
-Eric "MightyE" Stevens To reply to me, please remove "-removethis-" from my email address. http://lotgd.net -- Slay a dragon... over lunch!