How do you protect code from being physically stolen?

If you really want to protect it that badly, you might want to consider putting it on an encrypted filesystem using TrueCrypt or something like it. Unless the Thinkpad encrypts your drive using a key derived from your biometric information (which would be insane in my opinion) it would be very easy to circumvent by moving the hard drive to a different computer.

There is only encryption. Biometrics are simply an authentication mechanism and can't be used to protect code. If someone takes your computer and removes the hard drive, they can analyze it and take anything that isn't encrypted. You should try some of the various whole-disk encryption products that are available.

Fingerprint readers offer zero protection for stolen laptops. Why? Your fingerprints are all over the thing!

Don't trust the fingerprint scanner. Biometrics are notoriously bad for false positives. You probably want to use whole-disk encryption, or put all your code on a partition or usb key or something else that you can encrypt. PGPDisk is a good free tool, though there are others. Protect it with a strong password or better, a password protected key on a separate token like a smart card.

Well fingerprints can be simulated with http://www.theregister.co.uk/2002/05/16/gummi_bears_defeat_fingerprint_sensors/. I'd say good encryption and some decently strong keys will be the best bet to protect your data.

We've been banned from using the current generation of biometrics installed on our Lenova systems - it's been deemed too weak. There's plenty of reading material on the web about its weaknesses. Our domain enforces strong passwords (10> length, alpha upper/lower, numeric and symbol). Bitlocker secures the volume. When logging in over RAS we demand physical evidence in the form of a smartcard in addition to the regular username + password. For extra high security systems such as our internet facing servers we add key fob one-time generators too.

Don't take it in a laptop in the first place? Seriously, if you're really paranoid, even with drive encryption, if I steal your laptop then it's game over if the source is on it. Even encrypted, it's just a matter of a brute force attack. I have the laptop, I have all the time in the world. Don't put the source on the laptop, use a VPN and keep it at work.

if someone takes your laptop or goes on your laptop while you're away... Always lock your computer when you're gone. And don't let any of your accounts (especially the admin one) have an empty password... As for physically stealing, we've had a few laptops stolen. First, every employee now needs to take it home with them. Second, the front door needs a badge to get in. If you really need to protect it, using Truecrypt will probably do the trick. Your data is then pretty damn safe. Also, having your code only on your laptop would be a terrible idea, it's what source control is invented for ;)

In GNU/Linux, you can also use http://www.arg0.net/encfs, which is a user-space encrypted file system that runs on top of FUSE. It is very easy to use, just type in a terminal: $ encfs ~/.encryptedstorage ~/path/to/seccure-code And after following the directions. You'll have a secure-code directory where you can safely store all the source code you want to protect. And you can combine it with http://fuse.sourceforge.net/sshfs.html to store files on a remote server, and then use the sshfs-backed file system as your encrypted storage. Using this method you can have all your source code files stored on a remote server, completely encrypted.