Comment 37 for bug 256429

sachem_s: please check if in /etc/pam.d/common-auth you have the "try_first_pass" option to the pam_unix.so module, something like this:

auth [success=1 default=ignore] pam_unix.so try_first_pass nullok_secure

otherwise that module won't use the password previously submitted to the thinkfinger module, and it will prompt you for another password.