I'd be very interested to hear how you think brute forcing my 22 character password is easier than stealing my laptop and fooling the fingerprint sensor.
Think of it in more relative terms. The average iPhone user isn't going to be using a 4 character PIN, let alone a 22 character one. While the approach taken by Apple has a number of very real drawbacks, upgrading from no security to good (but still hackable) security is a huge deal.
This isn't going to keep the NSA out of your phone, but it will serve to keep the average smash-n-grab thief or other low-skilled random out of your phone.
This isn't going to keep the NSA out of your phone, but it will serve to keep the average smash-n-grab thief or other low-skilled random out of your phone.