The company has a web-based punch card application, but my boss wants to make employees punch in and out using their fingerprint rather than sharable passwords. Are there any free/open source/commercial SDKs that can be used, with a Java or ActiveX based embeddable component?
Thanks in advance.
Which fingerprint reader are you using?
1) Microsoft Fingerprint Reader (Formerly Digital Persona) 2) Eikon Reader 3) Other?
An easy solution is to take advantage of the automatic form-filling tools that come with either, and build a password system around that where the passwords are predefined 64+ byte long random blocks of data. Keep your web-based system but have a very minimal form that discourages entering the password client-side (through JavaScript), and explains that the user should touch the fingerprint scanner to punch in/out.
If possible, take each employee through the registration system by having them set up an auto-login with their fingerprint, having them look away and then privately entering the password without them watching.
Of course, this is easily hacked by a tech-savvy employee using a tool like Asterisk Key (on Windows) or a DOM explorer / debugger later, but it should provide a minimum level of security and at the very least won't be as easily shared as your current system (which I gather is your goal).
Also, fingerprints don't really provide any type of security for a determined attack. Silly putty, superglue, and five minutes can reliably replicate any prints lying around. As long as you accept this issue you'll be OK.
Most of the tools I found were commercial products. But hopefully they lead you in the right direction you want to take.
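The server side of the scheme suggested in the answer above (predefined 64+ byte random passwords that the reader's form filler submits on a fingerprint touch), as an added example that is not code from any poster. The class `PunchClock`, its method names and the in-memory store are hypothetical; a real deployment would persist the digests in the punch card application's database.

```python
import base64
import binascii
import hashlib
import hmac
import secrets

TOKEN_BYTES = 64  # the answer's "64+ byte long random blocks of data"


class PunchClock:
    def __init__(self):
        self._digests = {}        # employee_id -> SHA-256 of the raw credential
        self._clocked_in = set()  # employees currently punched in

    def provision(self, employee_id):
        """Create the credential an admin enters once into the form filler."""
        raw = secrets.token_bytes(TOKEN_BYTES)
        # 512 random bits cannot be guessed, so a plain fast hash is enough to
        # keep a leaked database from containing usable credentials.
        self._digests[employee_id] = hashlib.sha256(raw).digest()
        return base64.urlsafe_b64encode(raw).decode("ascii")

    def verify(self, employee_id, token):
        """Check a submitted credential without storing or logging it."""
        try:
            raw = base64.b64decode(token, altchars=b"-_", validate=True)
        except (binascii.Error, ValueError):
            return False  # malformed submission, e.g. something typed by hand
        # Unknown IDs are compared against a dummy digest so both paths do
        # the same amount of work.
        expected = self._digests.get(employee_id, b"\x00" * 32)
        matches = hmac.compare_digest(hashlib.sha256(raw).digest(), expected)
        return matches and len(raw) == TOKEN_BYTES and employee_id in self._digests

    def punch(self, employee_id, token):
        """Toggle in/out; returns 'in', 'out', or None when rejected."""
        if not self.verify(employee_id, token):
            return None
        if employee_id in self._clocked_in:
            self._clocked_in.discard(employee_id)
            return "out"
        self._clocked_in.add(employee_id)
        return "in"
```

Re-running `provision` for an employee replaces the stored digest, which is how a credential that was seen or copied gets revoked.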