If you have ever forgotten your computer password after a long weekend or maybe you can remember it but just can’t seem to type it correctly, [Thomas] has a project for you. It’s a physical key that locks and unlocks your PC.
So how does it work? The heart of the project is an Arduino Leonardo. You may recall that this board is a bit different from the preceding Arduinos as it can enumerate on a host computer as a Human Interface Device (HID), such as a keyboard or mouse. The Arduino sketch continually reads an input pin using an internal pull-up resistor to make it logic high with the key switch connecting the signal to ground. When the Arduino sees the pin change from high to low, it sends out a keyboard command consisting of the Windows Key and “L”, which is the keyboard shortcut for locking the computer.
When the physical key is turned again, the Arduino sees the pin change back to a high state and it again emulates a keyboard but this time enters your password. You do have to include your password in the Arduino sketch for this to work. In addition, there are two LED’s wired up to show if the computer is locked or not, but you’ll be able to tell pretty quick when trying to get back to work.
The Arduino sketch and Frtitzing diagram are available at the above link in case you would like to make one yourself.
Whatever happened to just having an actual key lock on the front of the computer that blocked the keyboard from working?
That worked when computers came with one single possible keyboard port, it’s going to be harder with a computer with 8 USB ports in 3 locations, especially if you also want other USB hardware to keep working when the keyboard is locked out.
Set policy to require Admin-rights to perform plug&play installs
Install keyboard/mouse – just whatever to cut the power to those two devices
also disable OSK , just to be sure :D
Great, now do it over again, but use a piece of PCB with a serial memory as the key, and store the password(s) on the serial memory, encrypted if possible.
One idea for a simple encryption is a one-time-pad type mask in the lock, that way anyone finding just the key wouldn’t know the password, they would need access to the mask in the microcontroller.
All that, and then face palm when someone walks up with a paperclip and jumpers the pin on the arduino or contacts on the switch…
a yubikey?
Perhaps it should have custom software running on the PC that serves as a Windows Credential Provider. (Or for Linuxey types, an xlock style program.)
While the highlight of the hack is undoubtedly the coupling of a physical key with the computer, for security I’d probably just use Windows’s already-present capability to use a smart card to log in with. That way the computer can’t be compromised by a lockpick either. ;)
I love Tengu… there is also one on my desk.
With this level of security, you could also write down the password and put it in a box, next to the keyboard!
Two attack vectors:
– take it apart, short the lock pins with paperclip
– plug it into a different computer, short the pins: plaintext password is revealed
Love the plug it in option!
Either way it makes no serious impact on the default windows security risks then.
So
Does this disable the keyboard?
Can you lock your pc from the keyboard with the key in unlocked position?
Then you are out of synch with the key and need to use the keyboard to log back in?
Disabling the mouse is more discouraging in my experience. And if you ever had a mouse fail on you you know what I mean.
dont forget your 5th amendment rights, americans. The popo can compel you to give them a physical key, but they cannot make you tell them your password.
Better yet, write a custom credentials provider: http://msdn.microsoft.com/en-us/magazine/cc163489.aspx
For those who are competent wiring line level electrics, just add a properly rated key switch in series with the power supply input wiring.
Yes, this could be circumvented by replacing/rewiring the power supply, but anyone who has that level of access to your computer could just take the hard drive and run anyway.
Old computers (very old) like the PDP-8 had a key operated power switch. Keys offer more security for very important systems. Looking over a shoulder is easier than stealing
“Lightbulb” – For laptops with cameras use QR code printed on a piece of plastic attached to your keys to unlock your computer. Sure, it can be copied once the attacker gets access to it, but should be more secure than unlocking with face supported on some versions of windows. Nothing beats the remembered password though. Opinions?
It could work, good idea! Indeed more secure than any face recognition. I would put a small QR but with a large, high entropy code.
As almost any physical key, it can be “copied” using a photo of it: http://vision.ucsd.edu/~blaxton/sneakey.html That is why you never show your keys, anyway.
There is always the balance between security and convenience. Remembered passwords are good, but public-key cryptography is better because its “password” (if any) never has to travel outside your computer.
Needs to be two keys located at both side of the room that have to be turned simultaneously :)
can u post the project ? or some to do this amazing job ?