Leave your password everywhere, or just tattoo it on your face
Fingerprint access and face recogntiion are equally inane "solutions" to mobile device security.
Yes, it's more or less ok to use them for, say, access to a building, provided they can't be fooled by reproductions, because the whole point is that You and only You are being checked to see if You are You.
But why would you use a password which you leave everywhere, every single time to you touch something that will take a fingerprint? Why would you guard your sensitive personal data with a password you have plastered on your face? Either of which the Stasi can "hack" simply by twisting your arm?
The best password is a mixed case random alphanumerisymbolic mashup of at least a dozen characters, and a validation process that will not allow more than one entry attempt per second by any means. It's in my head. Only in my head. Where no gets it unless I wish to share. We'll see how long it takes anyone's computer to get through 14,000,000,000,000,000,000,000 combinations at a rate of one per second—long beyond the heat death of the universe.
Now if you want to add face recognition as an extra factor, fine: but to rely only on fingerprints or faces is not improving security—it is doing precisely the opposite.
Biting the hand that feeds IT
