Despite their simplicity and easy handling - we never need to remember our face, eyes, voice or finger tips - and the unique features of each body, biometrics (using body measurements and calculations as a form of identification and access control) can indeed be prone to attacks, too.
For example, in some cases, facial recognition and other biometrics representatives can be deceived or bypassed by means of stolen social media profile pictures or similar means. As mentioned in the news (see German version for links to German press articles), there is a real danger of data leaks and cyber attacks. As opposed to quickly changing one´s password, it is difficult - if not impossible - to change one´s biometrics upon discovering such a leak or attack. In other words, simply substituting passwords for biometrics would constitute a dangerous and irresponsible move. Furthermore, stolen biometrics could also be (ab)used to create false ID´s or passports.
Our security experts therefore recommend using a robust password manager. The main principle needs to be: never use the same password for multiple accounts or applications (e.g. email, online banking, social media etc.). In addition, your passwords should have sufficient length and complexity based on a considerable pool of possible characters. Avoid real words or parts of words and change your password regularly. There is also the option of activating two-factor- or multi-factor-authentication (2FA or MFA, respectively), for further protection and risk reduction. This way, you are able to respond quickly in case of a hacker attack or data leak. Whatever damage may have been caused - and any damage is at least annoying - will be under control and confined to manageable dimensions, not spreading to other platforms.