[criddell]

My laptop has a fingerprint sensor that I use. There is a backup password but I don't know what it is but I do have it in my password manager that I can access from my phone.

My office computer has a relatively weak password because there's nothing on it that is personally sensitive. They force a password change every three months so I added a counter to the password and just increment that each time (pa$$1word, pa$$2word, pa$$3word, etc...).

[logicuce]

Isn't fingerprint based authentication considered, generally, weaker than that based on a password?

[criddell]

I might be wrong, but I believe a fingerprint is equivalent to around 80 bits of entropy which is roughly the strength of a good 13 character password.

A determined adversary can do things like lift a fingerprint from elsewhere and use that, but it's not really something I worry about too much. They could also arrest me and press my finger down on the sensor or beat me and I'll tell them every password I can.

I mostly worry about having strong credentials to remote systems.