Thanks
Phil that sounds like a good idea, although I understand that most fprint readers let you use alternative fingers in case you have, e.g. a sticking plaster on one of them, so you'd need some flexibility for that.
TeeCee, thanks for the info about that - I didn't realise that it had been debunked, I'll look out for that episode.
I absolutely agree about two-factor authentication (I use it for my work VPN) but I'm not sure I agree about password visibility. For instance, when you are in your own office, mounting an encrypted volume, you are fairly sure about having the requisite privacy. But you still want that password to be extremely strong so that your data remains safe if your server is stolen. This is even more true of mobile devices - sometimes you know you are in a safe environment, and mostly you know you will also be frequently taking that device into a less safe environment.
However, if there were a hidden hi-def camera of which you were unaware, I'm pretty sure that a slow-mo replay of you entering the password, even as a ten-finger typist, would yield so much information about the content of the password that it would make it relatively easy to crack. Even if you can only identify the hand and the row you have narrowed each character to about 5 possibilities.
On balance though, I think you have convinced me that it's a dumb idea, and if I value security I should just accept the occasional need to retype a long passphrase. Who knows, maybe it will even improve the accuracy of my typing!