NFC computer login
Hey all,
I suppose I should ask this in some tech forums, but I figured some of you may have some insight.
I have the Dangerous Things xNT NFC installation that I'm sure a lot of you have, and it's great and I love it. I was using it to log into my windows 8.1 professional machine, but I broke something and it doesn't work anymore, and I'm getting tired of troubleshooting.
Do any of you all have a similar set up, and are able to log in with a wave of the hand? Do you have a third party app to manage the login creds, and if so what do you use? Or did you just use some registry tweaking that I can't yet figure out?
Details on my situation, if anyone can help: windows 8.1 pro, acr122u smartcard reader. I was using NFC CSP Lite to generate the login certificate, then EIDAuthenticate login. I started with their free EIDAuthenticate enterprise demo, but that only lasted 30 days before they asked me to pay ~$90usd. I tried EIDauthenticate private (free), but had to hack it to work with win8.1pro, and it worked for just a few days. Now it wont use any certificate without an invalid keyset error. I don't know if the issue is with my certificates or the hacked version of EIDAuth or other.
I suppose I should ask this in some tech forums, but I figured some of you may have some insight.
I have the Dangerous Things xNT NFC installation that I'm sure a lot of you have, and it's great and I love it. I was using it to log into my windows 8.1 professional machine, but I broke something and it doesn't work anymore, and I'm getting tired of troubleshooting.
Do any of you all have a similar set up, and are able to log in with a wave of the hand? Do you have a third party app to manage the login creds, and if so what do you use? Or did you just use some registry tweaking that I can't yet figure out?
Details on my situation, if anyone can help: windows 8.1 pro, acr122u smartcard reader. I was using NFC CSP Lite to generate the login certificate, then EIDAuthenticate login. I started with their free EIDAuthenticate enterprise demo, but that only lasted 30 days before they asked me to pay ~$90usd. I tried EIDauthenticate private (free), but had to hack it to work with win8.1pro, and it worked for just a few days. Now it wont use any certificate without an invalid keyset error. I don't know if the issue is with my certificates or the hacked version of EIDAuth or other.
Tagged:
Comments
A better bet, and the one I use daily, is the RFID implant Amal sells (I think it's called the xEM). Use that with a cheap $10 USB reader from Amazon, the reader jsut reads the tag and then outputs the numerical ID followed by a newline. Set that number as your password and scan your hand to login at the prompt without touching the keyboard. I would recommend using it only as the last PART of your password for security reasons, effectively using two-factor authentication on your login (something you know, and something you have) and also adding complexity in case of cracking attempts. Since it prints a newline after the scan, it works great if you type in the first chunk of the password and then scan your hand to "authorize" it.
http://www.amazon.com/125KHZ-EM4100-Proximity-Reader-5Keytags/dp/B00FZLZEIC/ref=sr_1_5?ie=UTF8&qid=1407842669&sr=8-5&keywords=usb+rfid
http://www.amazon.com/ARIIC®-Security-Proximity-Sensor-Reader/dp/B00CWSJ0DQ/ref=sr_1_7?ie=UTF8&qid=1407842669&sr=8-7&keywords=usb+rfid
The IT wonk in me is nervous about using the RFID/NFC to act as a a cut/paste of plaintext. There's nothing stopping someone from finding the UID of the chip and (with your typed portion of the password of course) just typing in the full text. Still, it does do some mitigation against over-the-shoulder security breach.
Worth mentioning also the RFID reader you link is a 125khz reader, it will not work with xNT (or any NFC chip). I haven't figured out yet how to get my NFC reader to spit out plaintext pre-windows login. Maybe I just need a new reader...
Sort of like people worrying about using RFID or bluetooth to unlock a car. "What if someone steals the wireless ID? They could get into your car!" True, assuming they have both the know-how and the equipment...Or, they could just smash out the window with a rock they picked up off the ground for free.