Just before a quiet, contemplative festive season descended on our house I saw the science fiction film Gattaca for the first time. What caught my eye was the biometric authentication hardware used to allow access to a top secret installation: a DNA sequencing device.
This sounds impressive but, as the plot demonstrated, unless you're sure that the sample comes directly from the person you're authenticating, such a system can be fooled. However, biometric authentication methods are rapidly coming of age.
At present, IT managers have a range of systems to choose from if they want to control access to systems without using the venerable password.
Fingerprint, iris, retinal and facial recognition systems are the most common, which could mean that the dreaded "I've forgotten my password" phone call to the IT support desk will finally be a thing of the past.
After all, you are hardly likely to hear someone complain that they've forgotten their finger/eye/face. On the other hand, biometric hardware that fails or is unreliable could prove just as costly to support as the old passwords.
There is a lot of misinformation about biometric technology. One of the best myths is that US presidential bodyguards are trained to smash any glass/cup/mug that the president has picked up to prevent villains reproducing the president's fingerprint and then penetrating another 10 levels of security to launch a nuclear holocaust on an unsuspecting world.
The most popular biometric authentication device at present is the fingerprint scanner. Firms that manufacture these devices, and those that sell the software to run them, say that their systems can save money for IT departments because there will be fewer helpdesk calls.
IT administrators will have to calculate whether the expense of buying and setting up the fingerprint systems will be offset by the savings of fewer password problems.
With all biometric access methods, the stored sample against which a user is compared must be kept on a server, or some other storage device such as a smartcard, which means it is vulnerable. However, encrypting the sample and any communication between the biometric sensor and the server adds a further level of security.
Fingerprints aren't actually stored as a scanned print. Instead, an algorithm is used to produce a digital profile from a fingerprint which dramatically cuts the amount of space required to store it. When authenticating a user, their fingerprint image is put through the algorithm and then compared with the stored profile.
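The profile-and-compare step described above, as an added sketch (not part of the original article and not any vendor's algorithm). It assumes the profile is a list of minutiae points; the sample coordinates, tolerances and threshold are constructed for illustration. It goes slightly beyond the text in showing that the comparison is a similarity score checked against a threshold rather than an exact equality test, since two scans of the same finger never match bit for bit.

```python
import math
import struct

# Constructed sample data: each minutia (ridge ending or fork) is
# (x pixels, y pixels, ridge angle in degrees). Not from a real fingerprint.
ENROLLED = [(52, 71, 30), (120, 44, 95), (88, 150, 210), (160, 132, 300),
            (35, 190, 180), (140, 205, 15), (75, 110, 260), (190, 60, 120)]
# Fresh scan of the same finger: small jitter, one minutia missed, one spurious.
SAME_FINGER = [(54, 69, 33), (118, 46, 90), (90, 153, 205), (158, 130, 305),
               (37, 188, 176), (142, 207, 20), (77, 108, 255), (10, 10, 45)]
OTHER_FINGER = [(60, 40, 200), (100, 100, 10), (150, 180, 90), (30, 120, 330),
                (175, 95, 250), (125, 160, 140), (80, 200, 60), (200, 150, 20)]
RAW_IMAGE_BYTES = 256 * 256  # assumed 256x256 8-bit greyscale scan, for comparison

def pack_template(minutiae):
    """Serialise minutiae into the compact profile that is stored (6 bytes each)."""
    return b"".join(struct.pack("<HHH", x, y, a) for x, y, a in minutiae)

def unpack_template(blob):
    return [struct.unpack_from("<HHH", blob, i) for i in range(0, len(blob), 6)]

def angle_diff(a, b):
    """Smallest difference between two angles, allowing for wrap at 360."""
    d = abs(a - b) % 360
    return min(d, 360 - d)

def match_score(stored, probe, dist_tol=8, angle_tol=15):
    """Fraction of stored minutiae that pair with a distinct nearby probe minutia."""
    unused = list(probe)
    hits = 0
    for sx, sy, sa in stored:
        for cand in unused:
            px, py, pa = cand
            if (math.hypot(sx - px, sy - py) <= dist_tol
                    and angle_diff(sa, pa) <= angle_tol):
                unused.remove(cand)  # each probe point may be used only once
                hits += 1
                break
    return hits / len(stored) if stored else 0.0

def verify(stored_blob, probe, threshold=0.75):
    """Accept only if enough of the stored profile is found in the new scan."""
    return match_score(unpack_template(stored_blob), probe) >= threshold

if __name__ == "__main__":
    blob = pack_template(ENROLLED)
    print(len(blob), "byte profile vs", RAW_IMAGE_BYTES, "byte image")
    print("same finger:", verify(blob, SAME_FINGER))
    print("other finger:", verify(blob, OTHER_FINGER))
```

Raising the threshold rejects more impostors but also more genuine users with a poor scan, which is the support-cost trade-off the article raises.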
Other biometric techniques such as face, iris and retinal scans are also catching on; in some parts of London, facial scanning is already being used to try to pick out known criminals from crowds. Combining one of these methods with a fingerprint scan could provide an extra level of security.
After the recent terrorist attacks on the World Trade Center, security vendors may well be touting their biometric systems with renewed vigour.
Companies will have to evaluate for themselves whether the extra security justifies the expense of new hardware and software, not to mention any resistance they might face from end users unwilling to submit to having parts of their anatomy scanned, digitised and filed away.