Slashdot Mirror

← Back to Stories (view on slashdot.org)

What Electronic Door Lock Would You Buy?

Posted by Cliff on from the where-are-my-sliding-doors dept.

zentigger asks: "I work for an ISP that supports internet in several dozen remote areas. Our POPs are typically fairly small shed-like structures, with a couple racks of equipment. For the most part, we can manage this stuff in-band, but frequently we need to have a local agent physically access the equipment for some minor maintenance work or adjustments. As time goes on, the shuffle of keys is becoming farcical and expensive. What we need is an electronic lock of some sort that can be reprogrammed remotely (preferably from a remote console via serial or directly via ethernet) that will stand up to extreme weather. Google certainly turns up lots of glossy brochures — although I don't see how they can -all- be 'The heaviest duty lock you can buy!' Does anyone have good experiences with any particular products or perhaps other means of dealing with the key shuffle?"

20 of 97 comments (clear)

  1. A GSA approved lock of course by laing · · Score: 5, Informative

    Sargent & Greenleaf are *THE* stanrdard when it comes to electronic locks. See here.

  2. Don't give out keys at all. by jhfry · · Score: 3, Interesting

    Your an ISP... you have bandwidth and old servers... simply get an electronic latch, a webcam, and patch it through to your security officers.

    With some easy code, you could remotely unlock the buildings for workers on an as needed basis. Plus it provides video surveillance, and a method to document who accesses the facilities and when.

    Keys would still be in the hands of a few techs for situations when the network is down.

    --
    Sometimes the best solution is to stop wasting time looking for an easy solution.
    1. Re:Don't give out keys at all. by mollymoo · · Score: 2, Insightful

      That would maximise the response time (keys would have to be found) for the most critical incidents (network failure), which doesn't sound like a great idea to me.

      --
      Chernobyl 'not a wildlife haven' - BBC News
    2. Re:Don't give out keys at all. by j00r0m4nc3r · · Score: 3, Funny

      Since your budget is down a bit this quarter, you should just hire an H1-B immigrant to live in your POP shed 24/7 with a cellphone, a small ration of ethnic food, and a DVD of Little Superstar to keep his spirits up.

    3. Re:Don't give out keys at all. by MentalRuin · · Score: 4, Insightful

      Look at what universities use. They have thousands of users that need access to various areas, but only to very specific areas around campus. This includes students as well as staff.

      They need to control who has access, as well as when access has been gained. Most employers now use some kind of ID system, the 'access keys' could be included in the ID. It could be as simple as RFID to magnetic stripes. You could also combine these with keycodes chosen by the individual users. With this dual level of authentication, the keycodes would not need to be updated regularly because of the dual authentication.

      You could use one of your onsite servers to control access and log access. These servers could be updated in real time. The only worry would be that the server could not be updated quickly enough after an employee was fired. This is where HR comes in, if you have your system immediately revoke ID's upon employee termination, terminated employees would not be able to gain access. On the off chance that the servers could not be updated due to communication problems, the server that controls access logs would show that the terminated employee gained access to a facility after their rights had been revoked. Combine this with video surveillance you will have both digital and pictorial proof of the illegal access. In a worst case scenario, one of you security officers would need to physically show up to the site to allow access to someone that has the right to access the facility, but the inability to do so.

  3. Bit o' Warning by thesameguy · · Score: 5, Informative

    A while back I did some consulting for a somewhat remote municipality, who was in your exact same situation. They had small "equipment sheds" located throughout the region, and were having problems maintaining physical access. Their solution was to invest in a bunch of programmable electronic combination locks that they could reprogram as people were fired and/or promoted and not have to go through the whole rekeying process. This created an entirely new problem: People forgetting access codes that changed every several months. These workers worked around the problem the only way they could: Prying open the doors with tools, breaking the doors and sometimes the locks in the process. This forward-thinking municipality ended up footing the bill for the lock retrofit, a bunch of broken doors, and ultimately a return to standard keyed locks. FYI, YMMV...

    1. Re:Bit o' Warning by sirket · · Score: 4, Insightful

      A user should have a combination- not the lock. A user leaves and his code is removed- the lock code isn't changed. In addition- a user uses the same combination on every single lock. It's hardly complicated. It sounds like the systems this municipality used was just broken.

  4. Best lock for the money by Anonymous Coward · · Score: 2, Funny

    Here is my preferred electrical door lock in action. Never had a problem with a burglar yet.

  5. Only a door lock? by Timesprout · · Score: 5, Funny

    I have a complete electronic defense system for my home and I am currently upgrading the AI. It was slow going at first, the AI kept requesting to be given a name. Eventually i gave in and called it Skynet and things have been going quite well, although the Asimo I hooked up to it does like to chase me round the house a lot trying to taser me. I am going to ask one of my mates at the NSA if one of their global domination scenarios can connect and defeat it as a final acceptance test. Should be cool.

    --
    Do not try to read the dupe, thats impossible. Instead, only try to realize the truth
    What truth?
    There is no dupe
    1. Re:Only a door lock? by UnderDark · · Score: 3, Funny

      I'm sorry, but I can't do that Dave.

  6. S&G, HID are standard by mlts · · Score: 4, Informative

    Most companies I see use HID or S&G for card access. I personally would recommend HID (one of their newer card reader lines that use two-way authentication).

    For mechanical lock backup, go with Medeco, Mul-T-Lock, or Abloy. All of which are immune to bumping, are restricted in key duplication, but keys are still decently available when you need copies made at a locksmith with your card.

    Lastly, if you want a solution that is a hybrid, requiring only cylinders changed rather than lock hardware, you might consider the Mul-T-Lock CLIQ series. The CLIQ keys are mechanical and electronic, and the reader is in the cylinder, so no wiring of doors is needed. To remove a key from the authorized list, you just code the programmer key to remove it, then walk around and stick the key in the appropriate doors.

  7. From a locksmith's perspective by Big+Bob+the+Finder · · Score: 2, Informative

    I worked my way through college as a locksmith. I've always favored hardware security (keys) over electronic widgetry. Talking to a Medeco dealer about getting your locks on a solid masterkey system would give you a solid system, but allowing remote sites to be accessed- possibly by different agents each time- wouldn't work.

    One solution might be Videx. I've only glossed over their literature, but they seem to have a pretty good solution in place.

    http://www.videx.com/products/detail/cyberlock.h tml

    Specifically, the section on how "the CyberKey Authorizer enhances CyberLock systems by providing the ability to program and download CyberKeys at remote locations." That might be too pricey for your application. I've never priced out "door" costs on Videx hardware.

  8. How to do the keypad by mrcaseyj · · Score: 3, Insightful
    I was thinking of putting an electronic lock on my door. One of the problems is that if there is someone near that you don't completely trust they may see you entering the combination. My cousin shoulder surfed my password once so I'm a little paranoid about this sort of thing. You can move to block them from seeing you enter it but that can be insulting to your guest. That's a significant issue for someone like my grandmother who may be entering her combo in front of customers she doesn't want to offend.


    So I'm thinking that the way to do it is to have a keypad facing down so that you curl your fingers up to push the buttons so the person near you doesn't see. I figure having only four buttons would make it easier to enter the combo without looking. Buttons on the bottom would also have the advantage of keeping water out of your buttons.


    One of the reasons I wanted a combo was I figured it would also be a lot faster than pulling the key out of my pocket every time. In fact I think a quick combo lock would be so quick that it wouldn't be too much trouble to just leave the door locked all the time.


    Some other good features for the lock would be different combinations for everyone in the house. And some one time use combos and guest combos.


    By the way if you are hiding a key outside your house make sure you put it around the corner or something so if someone is with you then you won't have to reveal your hiding place.

    1. Re:How to do the keypad by jimmyswimmy · · Score: 4, Interesting

      I used to use a system much like you describe. I used to work at a major international airport, which secured some private areas from the public with a cipher lock. It had rocker buttons, five of them, at the bottom of a metal "butter tub". You could stick your hand in there and look inside and see the labels on the buttons, but once you'd seen it once, you didn't need to look again. The rocker buttons were centered and if you press one way it might be a '1' and the other way was a '6', I think.

      A more interesting system was on the front door to my office - a 9-digit keypad where the numbers were lit up in a dot-matrix format. You could only read the numbers standing in front of it, and they would change each time you walked up to it. It was very cool, but they stopped using it in favor of ethernet-programmable fingerprint readers.

      There are a lot of options. The tougher part is weatherproofing any of these solutions. The more fancy electronics you have, the more important keeping water out becomes. Good luck!

      --

      Just my $0.55 (US inflation, 1774-2008, for $0.02)
  9. Re:Can you have the locks keyed the same? by Big+Bob+the+Finder · · Score: 4, Informative

    With high-security systems, the blanks are under patent. Only locksmiths who service those locks have access to them. With most systems, you end up with regional distributors, and if you walk in asking to get a copy made, they'll recognize it as one of theirs and confiscate it- and inform the true owner of what happened. I've actually seen that happen- it's pretty unfortunate for the guy working for a major bank to lose his job over that sort of thing. They can then mike the key and determine whose it is; if it is stamped with a serial number, it's even easier.

    All bets are off if a machinist is available to duplicate it. This is made very difficult with sidebar locks such as ASSA, or with odd keys such as Abloy. A machinist would also have to duplicate the wards and angle cuts if duplicating Medeco keys.

    So while the possibility is there, I have yet to hear of it happening.

  10. Re:Remote controlled lock? by sumdumass · · Score: 2, Interesting

    You need to think like in a house/door lock instead of a padlock. And then think of a security system too. I have a garage door opener that you input your code to open and the alarm stores who accessed what when for 30 days. But I can set up a code for a repair man or someone who I know will be coming over while I'm away and then delete/disable the code after they are gone. and my security system can be controlled by Ethernet or the phone from any remote location. (even viewing the cameras.)

    The Door in the kitchen coming from the garage is controlled by a set of really strong magnets and and hooked through the security system too. Once it is locked, you need about as much force necessary to kick a regularly locked door in to open it. But if the security code gave you access to the house, when you opened the garage door, it would unlock the kitchen-garage door too. Or you could open it separately with the same code on the keypad to the door.

    This is the type of lock/access he is looking for. One that can check the codes and have the codes changed from remote locations to allow someone to enter and then deny access as soon as they complete thier jobs.

  11. Re:Remote controlled lock? by Door-opening+Fascist · · Score: 2, Interesting

    We have an RFID-based card access system where I work. The local stations keep a log of all cards allowed on a particular door in the last six months, so it'll open the door for those cards even if the network is out.

  12. Avoid Chubb by humberthumbert · · Score: 2, Interesting

    Whatever you do, avoid Chubb like the plague.

    The "brains" of the system run on useless software that will not work without a hardware dongle. Check before you buy, I'm sure there are plenty of vendors who pull the same shit out there

    Also, are you SURE that a keypress box (lockable box with hooks for hanging keys) won't do? When I was in the military, that's what we did. Never had a problem as:

    a) We exchanged keys for identification (no ID, no key!)

    b) If you lose the key or run away, we have your id, and we will hunt you down.

    With a well-kept logbook, you cannot go wrong. Not to mention, no dicking about auditing whose keycard has access to which area when. If the key is missing from the keypress box, someone is using it. If it's missing after the official visitor hours, you have a problem. Scales pretty well up to a few hundred keys.

    Of course, make sure you buy decent locks. Also, someone could always try to forge the keys. But that's what armed escorts are for.

  13. Careful with upgrades... by Bazman · · Score: 3, Funny

    Our recently refurbed admin building ("Hey! When are we plebs going to get our leaky windows replaced??") had its grand opening the other day, complete with University bigwigs and minor royalty. The day before it seems someone decided to upgrade the security system firmware.

    When they did this, there was nobody inside. And they locked themselves out. They figured if they set the fire alarm off then the override would fling the doors open. But it didn't. They had to get someone in to smash through the security door to a) get inside and b) stop the fire alarm.

    I imagine all the mess was cleaned up before the princess arrived.

  14. Re:Using iButtons as keys by mmontour · · Score: 2, Informative

    You unlock them using the Dallas Semiconductor iButtons. Each one has a unique serial number imbedded it it and it can't be copied. A serial number certainly can be copied. Relying on it for security is like relying on MAC-address filtering on a wireless router (i.e. insufficient). You can't copy the serial number onto another iButton, but you can program a little microcontroller to speak the same 1-wire protocol and pretend to be the iButton interest. It's not hard to discover the serial number of an iButton; it's printed right on the case of each device.

    There used to be a "crypto iButton" that provided real copy-proof security. It could be programmed with a private RSA key, and could be challenged to produce a signature that you could then verify with the user's public key. The physical device was quite tamper-resistant so it would be very difficult for an attacker to extract the private key. However this product seems to have been discontinued a few years ago.