I hold my hands up and accept that it was my mistake and I should have been clearer in what I was saying.
To clarify, I wasn't suggesting that fingerprints are secure - though for most people I suggest that lifting a fingerprint and making a working copy isn't trivial. It's usually simpler to use other means anyway, such as threats of violence - I suspect most people would give up a password under that kind of duress.
On top of this, we all know the problem with enforcing silly password policies and what happens to them and how they get written on a Post-it. Or it becomes the same password + an incrementing number/Shift+number (not to mention how convenient it is to have 12 such keys across the top of the keyboard, below the Fn keys).
All of my elevated accounts have an out-of-band secondary authentication method enabled, be that an RSA token or Google/Microsoft type authenticator. That being MFA.
However, it's also worth pointing out that in the roles I do these days, it's less and less of a requirement to require any kind of elevated access on a day-to-day basis if at all. I generally request such accounts are disabled until and unless I specifically require use of them.
What I was saying is that for most people doing everyday work, fingerprint authentication is sufficient and it's convenient, and yes, I am aware that it's not multi-factor authentication since it only fulfils the category of something you have, not combined with something you know.
I should also have pointed out that even here with the use of fingerprints, we have other layers of security such as BitLocker enabled.
All of which is summarily undone by the culture here of many people walking away and leaving their machines both unguarded (no one else around, necessarily) and unlocked.