Again, this is not an easy task for a valid reason. Remember, the logon prompt is the gateway into your system,...
so you wouldn't want just anyone to tamper with it. If you did, it would mean that anyone could write code to bypass Windows logons.
To learn how to customize a GINA for your particular fingerprint scanner, I suggest you read this security brief from msdn:http://msdn.microsoft.com/msdnmag/issues/05/05/SecurityBriefs. This article not only guides you through the process, but provides sample code as well. Keep this in mind, should you decide to write your own GINA code, you may want to keep that user ID and password alongside your fingerprint login in your new personalized prompt, especially if you're looking for true two-factor authentication and the protection that it promises.
Finally, it's important to remember biometrics devices aren't replacements for passwords. The point of biometrics is to be part of a two-factor authentication system. Two-factor systems are generally stronger because they require two layers of authentication, while a user ID and password combination alone, or a biometrics device by itself only provides one layer of protection. It's best to add biometrics to augment a user ID and password set up, rather than deploy it as a standalone, because it's only a marginally better authentication mechanism by itself.
Related Q&A from Joel Dubin
After a server room door has been compromised, finding a more secure solution is of utmost importance. Learn how to choose a server room door that ...continue reading
In the IAM world, what's the difference between access control and identity management. This IAM expert response explains how the two relate as well ...continue reading
When working with PeopleSoft and Unix, which single sign-on (SSO) vendors offer the most effective products? Learn how to choose an SSO product in ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.