IIRC Bruce Schneier has quite a bit to say about why that's such a bad idea. How might a user change their credentials if a copy of their retinal pattern is compromised?