I use multiple systems, and all seem to have some kind of way to ease the use of password prompts:
On MacOS you can use the fingerprint reader, or the Apple Watch to authorize operations (yep, even sudo)
On Windows, Windows hello allows you to authorize using a fingerprint reader or specific camera setup
Fingerprint readers are not as widely supported in Linux as in Windows because of vendor limitations (they just don’t care).
Is there any other recommended way to authorize operations on a desktop computer using something similar to the other systems? (Fingerprint readers, Bluetooth auth, etc)
Fprintd is what you’re looking for. KDE and Gnome have built in support for it. Some distros like Fedora have it installed by default.
I have an inexpensive u.are.u 4500 and it works well enough for my uses.
The other alternative is to use pam_u2f with FIDO2 keys eg yubikey, solo key, etc. That will also enable you to use ssh -sk keys too if that’s important to you.
As with most things like this you can combine them to have 1FA, 2FA, or 3FA. You can even tie it into FreeIPA if you use that. You can also combine to lock yourself out of your system completely. So have fun!
It really depends on the age of the hardware if fprintd is going to have support for the sensor. I have a ThinkPad T80s and fprintd doesn’t cover my sensor.
I would probably stick with Bluetooth because it generally works fine across all my machines, while the fingerprint sensor is super finicky and this is the third machine I’ve had this issue with.
I use a Yubikey with u2f.
You should look into PAM and PAM authentication methods. It is what authenticates users on Linux and supports many authentication methods including fingerprint and face.
