The concept of using fingerprints for identification dates back to the 1800s. Law-enforcement agencies started using them at the beginning of the 1900s. Now with M2SYS Biometric Security Suite, a fingerprint can replace your Microsoft Windows password, control access to applications, and lock your private documents. Fingerprint-based log-on is the suite's high point; some of the other features are disappointing.

The heart of this product is the M2-S1 Swipe Reader. As its name suggests, you swipe your finger along the unit's multiple sensors rather than simply resting it in one place. According to M2SYS, the USB-connected device reads fingerprints below the skin surface, where they remain consistent, even as skin damage, dirt, or other problems might cause problems for another reader.

Installation requires Administrator privilege in Windows 2000 or XP (Vista isn't yet supported). During the process you enter your Windows username and password and also configure a suite-specific administrator name and password—these can be used in an emergency to boot the system if something goes wrong with the fingerprint process. To complete the configuration, you enroll from one to five fingerprints. To enroll a finger, you swipe it across the scanner three times when prompted. The system reports a percentage indicating just how successful it was at identifying the "minutiae" that it will use to distinguish this finger from any other. If the percentage is low, you can re-enroll or try a different finger. M2SYS recommends at least 70 percent, but I found it worthwhile to keep trying until I got over 80 percent—a lower percentage means a higher chance that the unit won't recognize your finger.

The next step is to register other users of the computer and enroll their fingerprints. These needn't be Administrator users; limited users are okay. And you can register up to 32 people, which is surely more than any single computer should have. At this point, nobody has to enter a username/password to log in. Just walk up to the computer, swipe a finger, and it will log in as the appropriate user. Pretty nice! If you need to boot into Safe Mode, you'll have to use the emergency administrator name and password, as the scanner doesn't work in Safe Mode. Store that emergency log-on data in a safe place.—next: Lock 'em Up >

Lock 'em Up

The M2SYS-Lock icon on the desktop can be used to lock documents, and it can control who is allowed to launch any specific application. To lock a document, you just drag/drop it onto the icon. You can set it so that only your fingerprint will unlock the document or allow other registered users to unlock it, optionally asking them for a password. Dragging a locked document onto the icon unlocks it after you swipe your finger. You can also lock or unlock any document by choosing from the right-click context menu.

The software doesn't get in the way when you want to open a locked document. It demands fingerprint authentication and then launches an unlocked copy of the file. When you finish editing, it relocks the changed document. According to M2SYS, it uses DOD secure deletion on the unlocked files, overwriting the data three times before deleting it. I tested this by editing a locked Microsoft Word document and then looking for deleted files using the free Pandora Recovery utility. And whaddaya know—I had no trouble undeleting a weirdly named file that turned out to be a perfect copy of my "locked" document. This feature won't offer much protection against a computer-savvy snoop.

To lock an application, you first double-click that same M2SYS-Lock icon. Now you can either drag the application or shortcut onto the list or browse to select it. In either case, you'll choose whether all registered users can open the application with a finger-swipe or if only the suite Administrator can. But here, too, I had little trouble circumventing the product's protection. Finding and d