I recently moved from Plasma 5.24.7 to Plasma 5.27.5 and have observed a change in behavior in how fingerprint unlock from the lock screen works.  For me, this has made the experience of getting past the lock screen more annoying.

Note that here I am referring to getting past the lock screen (kscreenlocker), not the initial login screen (sddm).

Plasma 5.24 behavior:
I am presented with a password prompt and not prompted to do a fingerprint scan until I hit "enter".  Entering a blank password is fine, it will then prompt me to scan my finger and log me in after a successful scan.

Plasma 5.27 behavior:
The system immediately prompts for a fingerprint scan if I press any key or move the mouse.  I don't have to hit "enter" at the password prompt to get it to ask for a scan.

This *seems* like an improvement since I can get into the system more quickly.  The problem comes from the fact that it is easy to disturb the lock screen and have it prompt for a scan when I'm not actually ready to log in yet.  I'm just using a laptop with a USB mouse attached, and if I have the screen locked and pick the system up to move it to a different location, kscreenlocker will think that I'm ready to do a fingerprint scan.  A few minutes later when I'm actually ready to do a scan, it has already errored out.

So, we have some issues.

STEPS TO REPRODUCE
1. Set PAM fingerprint timeout to 30 seconds.  (/etc/pam/common-auth)
2. Lock the KDE Plasma session.
3. Move the mouse.  kscreenlocker system prompts for a fingerprint scan.
4. Wait 30 seconds.

OBSERVED RESULT
The scan times out and results in the error message "Verification failed".  The proceed, I have to hit enter at the empty password box, watch the shake/failure animation, and then wait a few seconds before it will allow me to try again.  So in the end, it takes *longer* than it took with Plasma 5.24.

EXPECTED RESULT
...I wasn't even ready to scan yet.  Wait until I take explicit action before starting a scan, or, automatically retry the scan after failure.

=====
I tried increasing the fingerprint scan timeout to get around this issue.  If kscreenlocker would just sit and wait patiently until I am really ready to do a fingerprint scan, then there would be no problem.  It turns out that there's a bug in libpam-fprintd that prevents setting the timeout higher than 99 seconds, but I got around that by applying this unmerged patch.  See:
- https://gitlab.freedesktop.org/libfprint/fprintd/-/issues/147
- https://gitlab.freedesktop.org/libfprint/fprintd/-/merge_requests/195

Regardless, increasing the timeout does not help me solve this problem.

STEPS TO REPRODUCE
1. Set PAM fingerprint timeout to 99 seconds.  (/etc/pam/common-auth)
2. Lock the KDE Plasma session.
3. Move the mouse once.  kscreenlocker prompts for a fingerprint scan.
4. Wait 99 seconds.

OBSERVED RESULT
kscreenlocker appears to give up on PAM fingerprint authentication approximately 88 seconds after issuing the fingerprint scan prompt.  I got this from tracing through entries in auth.log with libpam-fprintd "debug" mode turned on, and observing the steps that it is going through in the libpam-fprintd code.  In libpam-fprintd, the poll is interrupted early and it gets back an error "verify-unknown-error".  (This is not the case with, for example, a sudo password prompt; it will wait as long as I have configured for a fingerprint scan.)  At this point, fingerprint authentication is broken.  Despite kscreenlocker issuing another request for me to scan my finger, the only way forward is to enter my password.

EXPECTED RESULT
kscreenlocker should wait indefinitely for a fingerprint scan.  The timeout is configured by PAM.

=====
Alternatively, is there a way to configure kscreenlocker to just not try to do a fingerprint scan until I hit "enter" at the password prompt, like it did in Plasma 5.24?

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: Kubuntu 23.04, Linux kernel 6.2
KDE Plasma Version: Plasma 5.27.5
KDE Frameworks Version: 5.104.0
Qt Version: 5.15.8