Which fingerprint reader are you using?
1) Microsoft Fingerprint Reader (Formerly Digital Persona)
2) Eikon Reader
3) Other?
An easy solution is to take advantage of the automatic form-filling tools that come with either, and build a password system around that where the passwords are predefined 64+ byte long random blocks of data. Keep your web-based system but have a very minimal form that discourages entering the password client-side (through javascript), and explains that the user should touch the fingerprint scanner to punch in/out.
If possible, take each employee through the registration system by having them setup an auto-login with their fingerprint, having them look away and then privately entering the password without them watching.
Of course this is easily hacked by a tech-savy employee using a tool like asterisk key (on windows) or a dom explorer / debugger later but it should provide a minimum level of security and at the very least won't be as easily shared as your current system (which I gather is your goal).
Also, fingerprints don't really provide any type of security for a determined attack. Silly putty, superglue, and five minutes can reliably replicate any prints lying around. As long as you accept this issue you'll be OK.