A hobby-built fingerprint authorizer revives a once-familiar login idea, but moving biometric approval off-device changes the security question from "does the finger match?" to "can the system trust the path?"