What are the alternatives to door passcodes?
As a general rule to remember: Don't make it to hard to use! If it's to hard to use and you keep forgetting, all you've done is shown that you need a different security method to make your door usable.
Things mentioned in this post:
- Private/Public authentication (keys)
- UUID pre-authentication (fobs)
- MFA(specifically 2, fob and code gen)
Things mentioned in the do not use section:
- Biometry
- Security Guards alone
- Cameras(security theater)
- Security Through Obscurity (Handshakes/patterns)
- Roll Your Own Security
Well, with a door there's always physical security like keys to look at.
A lock is a private/public system where a physical public key is used to access the internal private mechanism (tumbler). When a user inserts a copy of the public key, they can gain access to the door and can modify its internal states (including unlocking, and locking it themporarily). This can be enhanced further by a timeout that causes the lock to lock itself, preventing follower.
Pros
- Faster (put in place, turn)
- Easier (one action)
- Almost as secure as passwords (replication based on sight)
- User Pre-Approval (only a copy of the public key gains access, so you control in advance who gets it)
- Strong to interception (someone would have to run a pretty strong grab attack to gain access)
- Widely accepted and used (most people are already used to the system)
Cons
- Bad users replicating keys and leaving them around (only an issue if someone can find the lock it goes too, but worth mentioning)
- Bad users giving copies of the key to other people who aren't supposed to have access
- Bad locksmiths who keep copies of the keys for nefarious reasons
- Loss prevention (he who has the key, has the power)
As you can see above, unless you run into some bad user/system adminlock smith situations you should be fairly safe as long as you make sure your ciphertumbler is safe against the usual brute forcebump key/tamper (lock pick) tactics that exist out there and is installed with long screws and a strong door frame.
Okay, let's say you want to completely do away with passwords. Now you can do something called a universally unique identifier (UUID) with pre-registration to the lock.
For this you generate a long, hard-to-guess string that gets stored on a device that gets registered with the system in advance. If that generated thing was always registered in advance you can easily change it and try to restore it before you put it on the device to give to the user. Now if the user wants access, they just put the device up against a reader, which confirms the string with your security system, and they gain access!
Pros
- Faster(put against square, wait for light)
- Easier(one action)
- More secure than passwords
- Ease of use(just put it on a small square, and you're in)
- Pre-registration means easy tracking
- UUID is so unique it can register every atom in the universe(good luck running out)
- Impossible to replicate without already knowing the string
Cons
- Bad system users (users with access to the codes internally could cause issues, scripts are you friend)
- Loss prevention (whoever has the fob, has the power)
- LOSS PREVENTION
Really this system is as secure as a key, but gives the extra advantage of unique "fingerprints" for the device they use to enter the building, meaning you can easily track who comes and who goes with what key.
That loss-prevention con is a big one though, as then the person needs to come back, prove they are who they say they are, and you need to invalidate the old key, flag it to watch for someone who stole/found it and tries to gain bad access, and give them a new one with the hopes it won't happen too often.
If a key is something that is easily captured or replicated in the part of town your door is going to be installed in, or your users are REALLY bad about loss prevention, you could instead look at pinned unique identifiers like magnetic key fobs and a time-based password delivered over text message or through a special device, which is called 2-Factor Authentication
Using this technique, a user is given/makes a password to the security/lock system which is stored in a key fob. Then they register their phone with a service that will generate the other password they need to enter for them upon their request. Now when a user wants to gain access, they present their key fob and enter their password from their phone into the keypad. This provides extra security from bump keys and locksmiths because you can tie a security system into it and analyze who tried to gain illicit access in an incorrect manner so you can lock out their credentials and they have to come and get new ones at security.
Pros
- MUCH stronger security than passwords
- VERY strong(the password can be good for as little as a minute if you decide to set it up that way
- Extra security techniques (you can instantiate rate limiting, lockouts, and credential rollover)
- Pre approval baked in (they have to register with you to even make their fob active)
- You can know the exact time frame someone
logs inunlocks the door based off of the password that got confirmed (once confirmed, write and entry in your security logs) - Uniqueness (each fob stores something from the user, and each text is based purely on the pre-authenticated phone number which allows for limitless unique entries in your security system)
Cons
- Loss prevention (if someone loses their phone/fob you have to reissue a whole new credential for that part of entry)
- Ease of Use (you always have to have these present. If you forget one you have to go get it)
Wow, that's a short list of cons with a long list of pros! Heck it even gives you remote security abilities!
It's a little hard to implement though since there are a lot of systems that would have to be put in place, but that's not really a con and more of a setup cost.
The "do not use" section
Biometry is a cool idea, but horrible in practice. This is like fobs, but accuracy can't be guaranteed here, and it can be thwarted with something as simple as silly putty. People also change over time. It's just a bad in practice.
Security Guards when used alone is also a don't-use this protocol. They can be overpowered, bribed, subverted, and have biological needs that may cause holes in your security during unknown times.
Cameras provide NO SECURITY on their own. They're really more of an addition to security, and can't actually stop something. It's akin to a Security Theater. Sure you could watch it all you want, but really all you're doing is fooling yourself into thinking it's secure. Someone can still break in if a camera is there, and it's really easy to hide from.
HandshakesSecurity through Obscurity is another bad case of security theater. If I have to knock twice, say a phrase, knock again, and then turn turn the key why would I ever use this system? I'd look like an idiot, and someone can just replicate the steps. You gain no more security here than you do with a key, and it's harder to use.
Making Your Own Security Protocol/System should be avoided at ALL costs unless you're doing it for research and testing purposes and let EVERYONE bang on it to confirm just how smart you are (or bring you crashing to reality on how bad your idea was). Until it's proven as safe, it's nothing more than a really bad play in the Security Theater showing.