diff --git a/backend/mixins.py b/backend/mixins.py
index 49071c45fba047bd569058cca704d2ca1b517a53..e98a3bd89d4cb2accec66e9021c3393e828c47ce 100644
--- a/backend/mixins.py
+++ b/backend/mixins.py
@@ -74,6 +74,10 @@ class VisitPersonMixin(VisitorMixin):
     Visit a person record. Adds self.person and self.vperms with the
     permissions the visitor has over the person
     """
+    # Define to "edit_bio" "edit_ldap" or "view_person_audit_log" to raise
+    # PermissionDenied if the given test on the person-visitor fails
+    require_vperms = None
+
     def pre_dispatch(self):
         super(VisitPersonMixin, self).pre_dispatch()
         key = self.kwargs.get("key", None)
@@ -83,6 +87,9 @@ class VisitPersonMixin(VisitorMixin):
             self.person = bmodels.Person.lookup_or_404(key)
         self.vperms = self.person.permissions_of(self.visitor)
 
+        if self.require_vperms and self.require_vperms not in self.vperms.perms:
+            raise PermissionDenied
+
     def get_context_data(self, **kw):
         ctx = super(VisitPersonMixin, self).get_context_data(**kw)
         ctx["person"] = self.person
diff --git a/restricted/templates/restricted/person_fingerprints.html b/restricted/templates/restricted/person_fingerprints.html
new file mode 100644
index 0000000000000000000000000000000000000000..7413c89ef1257ee5db95d08c24b75f3e9e6d78d1
--- /dev/null
+++ b/restricted/templates/restricted/person_fingerprints.html
@@ -0,0 +1,48 @@
+{% extends "restricted/base.html" %}
+{% load nm %}
+
+{% block head_resources %}
+{{block.super}}
+<style type="text/css">
+.errorlist { color: red; }
+</style>
+{% endblock %}
+
+{% block breadcrumbs %}{{block.super}}
+/ <a href="{{ person.get_absolute_url }}">{{person.lookup_key}}</a>
+{% endblock %}
+
+{% block content %}
+
+<h1>Edit fingerprints for {{person.fullname}}</h1>
+
+<form action="{% url 'restricted_person_fingerprints' key=person.lookup_key %}" method="post">{% csrf_token %}
+  {% for hidden in form.hidden_fields %} {{hidden}} {% endfor %}
+  {{ form.non_field_errors }}
+  {% for f in form.visible_fields %}
+    <p>{{f.label_tag}}<br>{{f}}<br><small>{{f.help_text}}</small></p>{{f.errors}}
+  {% endfor %}
+  <input type="submit" value="Add key">
+</form>
+
+<table>
+  <thead>
+    <tr>
+      <th>Key</th>
+      <th>Active</th>
+      <th>Actions</th>
+    </tr>
+  </thead>
+  <tbody>
+  {% for fpr in person.fprs.all %}
+  <tr>
+      <td>{{fpr.fpr}}</td>
+      <td>{{fpr.is_active}}</td>
+      <td></td>
+  </tr>
+  {% endfor %}
+  </tbody>
+</table>
+
+{% endblock %}
+
diff --git a/restricted/urls.py b/restricted/urls.py
index bd3c347aa70ad16aa9c75bb402512b755db8f669..764b9b091737fbb6b10f793c0512807b072ab094 100644
--- a/restricted/urls.py
+++ b/restricted/urls.py
@@ -31,6 +31,7 @@ urlpatterns = patterns('restricted.views',
     url(r'^amprofile(?:/(?P<key>[^/]+))?$', views.AMProfile.as_view(), name="restricted_amprofile"),
     # Edit personal info
     url(r'^person/(?P<key>[^/]+)$', views.Person.as_view(), name="restricted_person"),
+    url(r'^person/(?P<key>[^/]+)/fingerprints$', views.PersonFingerprints.as_view(), name="restricted_person_fingerprints"),
     # Create new process for a person (advocate)
     url(r'^advocate/(?P<applying_for>[^/]+)/(?P<key>[^/]+)$', views.NewProcess.as_view(), name="restricted_advocate"),
     # Show changelogs (minechangelogs)
diff --git a/restricted/views.py b/restricted/views.py
index d7078e2708617f61a906dfdfd9c0269b99c93a50..d8827606d3300f4a6bbd12ba5c87ce4be1600ae6 100644
--- a/restricted/views.py
+++ b/restricted/views.py
@@ -27,11 +27,13 @@ from django.utils.translation import ugettext as _
 from django.core.urlresolvers import reverse
 from django.core.exceptions import PermissionDenied
 from django.views.generic import View
+from django.views.generic.edit import FormView
 from django.utils.timezone import now
+from django.db import transaction
 import backend.models as bmodels
 import minechangelogs.models as mmodels
 from backend import const
-from backend.mixins import VisitorMixin, VisitorTemplateView, VisitPersonTemplateView
+from backend.mixins import VisitorMixin, VisitPersonMixin, VisitorTemplateView, VisitPersonTemplateView
 import backend.email
 import json
 import datetime
@@ -564,3 +566,27 @@ class MailboxStats(VisitorTemplateView):
             emails=sorted(stats["emails"].items()),
         )
         return ctx
+
+
+class NewFingerprintForm(forms.ModelForm):
+    class Meta:
+        model = bmodels.Fingerprint
+        fields = ["fpr"]
+
+
+class PersonFingerprints(VisitPersonMixin, FormView):
+    template_name = "restricted/person_fingerprints.html"
+    require_vperms = "edit_ldap"
+    form_class = NewFingerprintForm
+
+    # TODO: add template
+
+    @transaction.atomic
+    def form_valid(self, form):
+        fpr = form.save(commit=False)
+        fpr.user = self.person
+        fpr.is_active = True
+        fpr.save(audit_author=self.visitor, audit_notes="added new fingerprint")
+        # Ensure that only the new fingerprint is the active one
+        self.person.fprs.exclude(pk=fpr.pk).update(is_active=False)
+        return redirect("restricted_person_fingerprints", key=self.person.lookup_key)