The main objective of this research is to provide security to confidential information contained in mobile devices like PDA's and laptops. Hence the model is proposed to ensure the secure authentication as well as secure access to the required information. The secure authentication is ensured by combining two previously used authentication modes in the devices, that is: password-based and biometric authentication. Furthermore, the authentication information are not stored at a single point hence provides higher security and less risk. All the authentication information is distributed over local and remote (server) nodes. Decrypting only the required files leaving the rest of files encrypted can ensure the secure access to the information using session and file management proposed in this model. The proposed model of combining both mechanisms provides better security and reliability as compared to previous systems.