
Biometrics are really not fine. They're somehow supposed to be some permanent marker of who you are, but that's really not how it works in the real world. You physically change.

I've broken any biometrics recognising me in a dozen different ways, this year alone. Cut open my finger, changing my fingerprint. Head surgery for melanoma gave me a scar so facial recognition doesn't work anymore, blood vessel burst in my eye, so iris scan changed. And so on.

They're fine for a convenience, but that's it. They're nothing more than a pin, and you will have to fall back to password or authenticator or something else, sooner or later.



Also, even if they work as desired, if they're ever compromised [1], you're permanently unable to use that form of authentication, or permanently vulnerable to services that use and/or require it.

[1] https://en.wikipedia.org/wiki/Biometrics#Data_security


Again, biometrics are fine for local access. If you cut your finger or scar your face just use your backup method (maybe a pin, maybe a different finger) to get in and update the scan. And if someone steals your fingerprint they can't use it without having physical access to your device, because again, this is for local access.

For remote authentication you use a private key accessed via the local system (which you are already authenticated to using biometrics).
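The split that comment describes, with a biometric or fallback factor gating the local device and a device-held private key answering the remote challenge, as an added Go example that is not from the thread; the Device type, the enrolled-factor strings and the challenge format are assumptions, and the factor strings are constructed stand-ins for a real biometric match.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
)

// Device is the local system: its signing key is released only after a local
// unlock succeeds (a biometric, or a fallback such as a PIN or another finger).
type Device struct {
	priv     ed25519.PrivateKey
	enrolled map[string]bool // constructed stand-in for the enrolled unlock factors
}

// NewDevice makes the key pair; only the public key leaves the device, for registration.
func NewDevice(enrolled map[string]bool) (*Device, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Device{priv: priv, enrolled: enrolled}, pub, nil
}

// Sign answers a remote challenge only if the presented factor is enrolled here;
// a copied fingerprint alone is useless remotely, since the key never leaves the device.
func (d *Device) Sign(factor string, challenge []byte) ([]byte, bool) {
	if !d.enrolled[factor] {
		return nil, false // local unlock failed: no signature is produced
	}
	return ed25519.Sign(d.priv, challenge), true
}

// NewChallenge is the remote side: a fresh nonce, so a captured signature cannot be replayed.
func NewChallenge() ([]byte, error) {
	c := make([]byte, 32)
	_, err := rand.Read(c)
	return c, err
}

// Verify is the remote side's check; it holds only the public key and never a biometric.
func Verify(pub ed25519.PublicKey, challenge, sig []byte) bool {
	return ed25519.Verify(pub, challenge, sig)
}

func main() {
	d, pub, _ := NewDevice(map[string]bool{"fingerprint-template": true, "backup-pin": true})
	ch, _ := NewChallenge()
	sig, ok := d.Sign("backup-pin", ch)
	println(ok && Verify(pub, ch, sig)) // true
}
```

A leaked template only matters to whoever also has the device, which is the point the comment makes; the remote service never stored anything that a biometric leak could expose.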


> a "super-secure" password for if something happens that can only be used once

That does not imply a pin or password for easy fallback. That implies something harder, that is self-destructive on use.


There's also this failure case: I know a pair of sisters who look and sound identical enough that they can unlock each other's phones with face and voiceprint recognition.


I knew a girl from Asia that had a sister that was six years younger and twenty pounds skinnier. They could both unlock each other's phones using facial recognition.


Considering the frequency with which facial recognition leads to arrests if you're black [0], it seems that if you've got the right non-white skin tone, you can unlock someone else's phone.

[0] https://www.abc.net.au/news/science/2023-11-01/ai-facial-rec...
