Category: Blog

There are lots of interesting security models in the lock manufacturing industry, and most of them are based on complicated machining of either keys or pins or both.  This, along with patent protections, prevents illicit key blank production. Somebody could study a key blank and make a production run of them but it would be prohibitively expensive and the lock manufacturer purposely releases blanks that are machined differently before the bitting of the key is even a factor.

A new era has donned.  Now people can replicate a high security key with nothing more than a high resolution picture.  I have offered the service of replicating keys by photograph already, but I am talking about 3d copying a very complicated object for $5 if they have an image of the object that allows them to make relatively precise measurements.  Pictures in a newspaper of a key could mean unlocked doors. If the would-be copier has physical access to the key then it is a much easier problem to solve.

The answer to this problem lies in more factors of authentication.  This will probably take the form of physical and electronic challenge and response.  That is, not only will the key probably have to move some pins into the correct configuration but there will also probably be an encrypted electronic communication between the lock and the key, similar to modern cars.  This will be a stepping stone to using your phone as a key and then some other wearable object or implant if I had to guess.

The point of all of this is that you can’t let your keys fall into the wrong hands if the key protects something really valuable, even for a few minutes. If the key is just to your garden shed then the risks are minimal. If the key is to your collection of gold and diamond jewelry that is publicized, you need to make sure that your stuff is secure.

Making sure that you have good security is more than just having an expensive lock. It also means knowing who has the key, making sure that there is accountability for who has the key, and also making sure that not only the lock but the entire building around the lock is secure. If you are securing something really valuable this may mean a fiberglass door and doorframe, reinforced windows and grates, an alarm system, etc. Modern technologies complicate this further requiring that those with the key do not let it out of their sight for even a few minutes. They can also not display the key in public where it might not be photographed.

The alternative is to switch to expensive electronic access solutions.  I can provide electronic security but there are caveats, it is not without its own vulnerabilities. A combination on a lock can be watched from afar. A fingerprint can be duplicated. An iris scan can be duped through methods that can be seen in horror movies. I don’t recommend locks that use biometric security because a fingerprint or iris, once compromised, cannot be revoked (not to mention that with such requirements there is a great incentive to remove an eye or a finger for bypass of the lock, see horror movies). For the truly paranoid the answer is in careful key control and keeping current with lock technologies (and their vulnerabilities). Knowing is half the battle (-G.I. Joe).

Duplicating a key is much harder if you have to duplicate not only the physical form of the key but also spoof the electronic portion.  This cannot be deduced from a high resolution picture. To replicate such a key would require complicated challenge and response spoofs. If such a method of authentication became common, well-meaning staff of higher education would most likely develop methods of circumventing it, just as WEP was compromised. These people are not to be blamed. Even as they publicize these vulnerabilities, people in the former USSR are developing the same exploits at the same speed because they have more to gain than university researchers making less than $40,000 a year. They should be lauded for publicizing these weaknesses because publication forces the manufacturer to update their product. In this modern era those with expensive property cannot rest on their laurels and trust the last generation of security products and its vulnerabilities, because criminals are now researching exploits as quickly as products are manufactured.

I cannot say what the future holds for security. In the near term I can only offer the prediction of a mechanical key with an electronic component, or a completely electronic component. Either way it is a very interesting time to be in the security industry because it is the first time in history that physical security on its own is in some cases no longer enough.

Just got my cloning device in the mail.  I am now in the cloning business.  You are not limited to getting more keys from the dealership. I can clone your key for less money. I can’t do remote head keys with the buttons on them (though my friends at Broadway Locksmith can) but I can clone a transponder key that will start your car and unlock your car door.

My keys won’t have batteries.  Their chips are passively powered through induction by the car’s ignition.

Haven’t figured out my prices yet but it will probably be on par with everybody else except after six pm and on the weekends and holidays.

Today a customer asked a very good question of me: how do you prevent somebody from hiring a locksmith to open your door?  Most locksmiths have a list of prerequisites to fulfill before they will open a door for somebody including challenge-response authentication or by address on a state-issued license, but how do you help them make the right choice?

What if some locksmith gets tricked?  How do you warn a locksmith not to unlock a door for a crazed ex-wife/ex-husband/evildoer?  The best way to warn a locksmith not to enter your home and rekey your lock is to put a sign in a window near the door instructing a locksmith not to open the door for anybody except ___________. An equally good preventative measure is to warn anybody who might try such a thing that you have surveillance cameras and a cadre of lawyers.  Another supplemental is to replace your locks with cylinders that are very difficult to drill or pick.  If you have an expensive lock cylinder with a restricted keyway it will make locksmiths ask questions about who sold you that cylinder, why you don’t ask them to come out and unlock the door or rekey it, etc.  If you have a cylinder with a restricted keyway the likelihood is that somebody has the bitting for that key filed away somewhere.

Be preemptive.   If you suspect somebody is going to try to break in make sure they know that a loud alarm will go off when the door gets opened and they will be videoed opening the door and the video is automatically being uploaded to an offsite location that is password-protected.  Make sure you have legal help against people you are wary of such as restraining orders or at the very least you have filed a complaint with the police against the person or persons to establish a history for the authorities to look at.

Schlage is being dragged into 2015’s market for the residential networked electronic lock.  August, Kwikset, Yale, and even Samsung all have viable entries in this market so no doubt there was pressure on Schlage to innovate.  Schlage’s update to the BE365 is the BE469NX.  The BE469NX has a few advantages and a few disadvantages when compared to its predecessor.  The BE468/BE469NX has a motor or servo in it making it vastly more complicated than its old clutched forerunner.  I am dubious about how long these motors are going to last and am leery of warranting these locks.

The problems described here assume the door is open.  If you are having problems only when the door is closed the strike is probably installed wrong.  This was not such a problem with the BE365 because you could easily push or pull the door to account for minor strike misplacement.  If you want to remotely lock your door with the BE469NX though you have to have the strike aligned perfectly.  The strike must remain aligned perfectly even after changes in humidity when the door might expand.

It is important to follow the steps in the instructions very closely, namely right after you install the batteries.  If you try to use the thumbturn before the lock calibrates itself you are in for trouble.  Sometimes even if you follow the steps correctly you are in for trouble.  I recently installed one where the gears were not correctly aligned.  I had to completely disassemble the lock and slowly spin the servo’s gear with my finger until the gears were properly aligned to allow free use of the thumbturn.  I could have sent it back under warranty but that would waste my time and that of my customer’s.  There was nothing wrong with the lock except the initial placement of the plastic gears.

Sometimes this problem can be corrected by resetting the lock’s software by disconnecting the battery and reconnecting it while holding your finger on the Schlage button.  That was not the case in this instance, though I have successfully used this step before when this deadbolt was not extending its bolt the full 1″.

The only reasons to get the BE469NX are if you want to be able to remotely lock or unlock the door, remotely add and delete codes, or if you want to have a rudimentary alarm built into your lock.  This lock is really amazing and inexpensive for somebody wanting to set up an AirBNB, especially if you set up the remote control with a free monitoring solution like Nest.

If you don’t need any of these options though, Schlage is also selling a really great electronic touchpad deadbolt that is not network-ready, and also has no keyway.  This is great news for people paranoid of network security and physical break-ins because the hardest lock to pick is one that doesn’t have a keyway, and the hardest network device to remotely hack is one that is not on a network.  This lock is actually bump-proof and pick-proof.  Furthermore it is clutched and doesn’t use a motor.  That means this lock will last a really long time, probably longer than the BE365 because there are no longer button holes for moisture to leak through.  The best part about the BE375 is that it is far less expensive than the BE469NX.  Arguably the other best part is that there is no servo/motor.  It all depends on your criteria for a deadbolt in the end.  It is a really great lock, no question.

No matter who you are, it is a great time to get an electronic deadbolt.  They are now much easier to install with nothing more than a phillips screwdriver if your door is already pre-drilled.  And if you hire someone else to install it, for the first time you can reprogram the lock yourself after the installer has installed it and left, locking out the locksmith.  As long as the programming code is saved the lock can be reprogrammed infinitely, saving on the cost of a locksmith.  They are also easier to rekey.  I charge less to rekey the new Schlage electronic deadbolts because there are no longer ten screws to unscrew to get to the cylinder.

If you want to install one of these I charge $50 to set these up correctly if you buy it yourself, or if you buy it from me and the holes are already in the door I charge $15.  If you buy one of these somewhere and live in North Seattle, I will charge:

• $65 Service Call (within five miles of Green Lake)
• $50 to install your electronic deadbolt (you provide deadbolt)
• $19 to rekey to match your other Schlage locks if the lock has a keyway
• $45 to drill holes if there are no holes or they are in the wrong places.

=$179 total, tax already included, plus the deadbolt.  If you want to buy the deadbolt from me I guarantee it will work for three years.  I will charge $15 instead of $50 to install it.  Rekey is free if you buy it from me.  There is no parts warranty if you did not buy the lock from me, but I will guarantee the installation is done flawlessly.

These locks are pretty cool.  If you want to be able to lock or unlock your door remotely, these are a great deal for the money.  You have to know how to set up an automated system using something like a Nest controller because I don’t offer that service, too many bugs right now and I hate callbacks.  That said, these locks are great and easy to install with a few caveats:

When you install these, read the directions and don’t skip a step.  If you force the bolt over before putting the batteries in to check the alignment you might mess up the gears in the lock.  I don’t know if it came messed up from the factory or not but I recently spent an hour learning how these locks work inside and out because the lock was making a terrible grinding noise after the bolt retracted.  When I took the servo housing apart I found that one of the gears was sitting out of its housing and was rotating over another gear it was supposed to mate with.  I am going to make a youtube video of the problem and how to fix it because I am sure I am not the only person with this problem.

Anyway, this might have been avoided if I had followed the instructions.  The last two I installed went flawlessly because the first time the bolt was extended was after I put the code in.  You have to let the deadbolt extend the bolt the first time.  A big issue with these is strike placement.  You always want a deadbolt strike to be perfectly aligned so that you don’t have to push or pull on the door to get the bolt to extend properly.  It is especially important with this lock because it has a battery-powered motor which might fail if it encounters unnecessary resistance.

Schlage’s old BE365 was nice because it had no motorized parts.  There was very little that could go wrong.  The few times I have seen them fail was due to corrosion because one was installed on a cedar fence gate without any sort of sealant (I would apply silicone sealant liberally in this application) and also an amateur installation where somebody routed the signal cables through the door near moving parts so that they wore down with use and wore right through the copper wires.

Schlage came out with a very good replacement, the BE375.  It is all of the best things the BE365 had but updated with a touchscreen.  It isn’t networked yet.  It doesn’t have a motor but is clutched, so it will be working long after the BE469NX’s motor has bit the dust.  It has no key override, making it a very difficult lock to pick indeed!  Perhaps it is the first lock Schlage has ever offered that is truly bump-proof.  In the event that the batteries in it die despite numerous warnings it will give you for weeks beforehand, you can stick a 9-volt battery on the outside of the lock to temporarily give it enough electricity to open.  It remains to be seen what will happen if somebody connects a car battery to the leads on the lock.  History has shown that providing a power sink on a lock introduces vulnerabilities like spiking power to the device causing it to open.  This worked on certain safes from years ago when electronic safe locks first made their appearance on the market.  Now safe lock manufacturers have wizened up and no amount of amperage will open a good safe lock (unless it is connected to a cutting torch or angle grinder or drill).

I am testing out my Miracle A9.  I am on my way to paying it off; I have cut multiple laser keys successfully with no problems reported by my customers, so I invested in Miracle’s conventional sidecut key clamp, which at $250 you hope will work (you probably have to cut well over 100 keys to make this pay for itself).  I have high hopes for this machine and hope that maybe I can use it as a single solution for all keycutting in my van.  The Miracle A9 is not ready for prime time in that regard though and here is why:

If you are trying to replace your HPC 1200 and whatever duplicator you use you need to trust the database built into the Miracle A9.  Cutting a simple Schlage SC1 proved to be a failure.  With a blitz it is a sixty second job.  With the A9 it is a confusing series of menus and more like five minutes all resulting in only partial success…

When I tried to duplicate a Schlage factory original key with a bitting of 45422 I went to the menu and selected Schlage as the manufacturer.  There were three different options for Schlage blanks.  Going into the various submenus, the first didn’t list any key blanks.  The second listed lots of keyblanks  but I didn’t see SC1 anywhere.  The keyblanks supported under the second option actually continued off of the A9’s screen so it might have been listed offscreen.  I determined by trying to decode the Schlage key under this setting that it was the incorrect one.  The decoder was not going into the center of each cut and it was getting depths that were wildly different.

I selected the third option and the Miracle A9 successfully decoded the blank.  Proceeding on with the test I put a blank in the clamp using the shoulder stop and told the A9 to cut the blank.  I punched in the code manually and used the same menu settings I had used to correctly decode the key.  Success, I thought, was certain!

The key that the A9 produced was not very conventional looking.  Instead of a regular sidecut key with teeth it produced a key with flat mesas.  That could be good:  the key is less likely to catch your pocket lining or handkerchief, I thought.  When I stuck the key into the Schlage B660 cylinder the factory original came with, it didn’t turn.  I jiggled it a little and discovered that if the Miracle A9’s codecut key is pulled out about 1/4 of a space it does turn.  Not ideal.  The entire point of the shoulder stop is to get the correct spacing so customers can stick a key all the way into a lock cylinder and it will just work.

Using the Miracle A9 to codecut Schlage keys may work in an emergency where your other codecutting options are not available.  Be aware that the depths will be correct but the spacing probably won’t be.  You have to figure out the correct menu order which is not at all self-explanatory and then you get a key which the homeowner will tell you doesn’t work.  Now it is time to check if there is some firmware update or if using a computer attached to the Miracle A9 will fix this problem.  Until then I guess I will just use this machine to cut high security car keys.

A lot of people are asking me about how they can get a lock they can remotely change the combination to.  A lot of them want to be running AirBNB or rentals.  I have answers for you!

My favorite lock for an AirBNB situation is the Schlage be469nx.  Schlage wants you to pay them $9 for their monthly service through Nexia but that isn’t necessary.  Zwave is an open protocol and you can connect a Schlage BE469nx to your router through SmartThings, Vera, Wink, and Lowe’s Iris to name a few.  If you are tech-oriented or have someone in family who is, you could have a networked deadbolt set up for extremely low cost. 

Once your deadbolt is connected through wifi, as long as the wifi router is powered you can change login combinations remotely.  That means you can lock people out, add new combinations, etc.  If you install a Dropcam in conjunction with a lock that is controllable with wifi you can remotely let people in safely.  This is a huge savings over what similar hardware that did the same thing would have cost just a few years ago.  One can literally monitor who is coming and going for less than 10% of the cost of a few years ago.  The Amazon cost for one of these locks is now less than $200.  A Dropcam is only $200.  If you set it all up using zwave and a free monitoring program you can remotely monitor a property for $400 cash.  That is extraordinary.

If you want to change credentials remotely on the cheap, there is no better solution than the Schlage BE469nx.  Of course there are better locks available for commercial solutions, namely from Alarm Lock, but if only a few people are accessing your property per day then the Schlage offering is fine.

I install these locks for less than $100 (plus cost of lock) in the North Seattle area.  You can have your property up and running in less than a day if you call me.  I have installed numerous be469nx locks as well as other locks that are wireless flawlessly.  Important steps in the process are making sure that the bolt goes into the door frame/strike smoothly.  If you hire a cowboy to do it and the bolt doesn’t go in smoothly your battery will die prematurely or even worse your lock’s servo may burn out and then you have to RMA your lock.  What are you going to put on your door while the lock is being RMA’d?

I have been getting a few calls recently from homeowner’s associations and commercial property owners who have experienced break-ins after criminals forced a door open.  They did so in two cases by merely pushing a commercial lever down really hard.  You would think that door hardware manufacturers would design their levers to fail secure, that is to design their locks to break with the door still locked.  That is frequently not the case.

Most commercial levers have through bolts that go through the door above and below the lock and their purpose is to keep the lock from rotating.  If the lock rotates it may retract the latch and the door will open.  Schlage’s AL series of levers are very popular hardware for commercial property owners but these levers in particular seem to be pretty susceptible to forced entry, especially the fixed levers.

Fixed levers are rigid so a hooligan seeking entry to your building merely needs to stand on or hammer that lever and in at least a few recent cases I am aware of that has gained them entry.  There are numerous things to be done to prevent this.

You can get a clutched lever.  These are levers that are not rigid, so people have a much harder time standing on them or forcing them.  They are confusing to people who haven’t encountered them before though.  Lots of people expect a locked door to have a rigid lever and if the lever is not rigid they expect that door to be unlocked.

Second option is to get a lever designed to fail secure.  Schlage released their Vandlgard locks which promise to not allow entry to those who force the lever over.  They have an MSRP of $500 though. I am a big fan of the Marks 195 Survivor Series. They have a hefty price tag but they are very resilient to forced entry and stand up well to abuse. They are also made in America.

Another good option that is less expensive is to cover the lever with a lever guard.  This makes the lock very difficult to manipulate with brute force, though it can still be drilled.  The lever guard is installed over the lever and secured with three bolts.  One concern I have with this solution is that a criminal can tie a chain through the lever guard pull handle and pull the door off with a truck or winch.

The best solution to this problem is to remove the lever and install a rim cylinder and panic device.  There is nothing on the outside of the door that a criminal can try to force.  There is nothing to grab onto except for a minimal pull handle.  The criminal is forced to reckon with the lock itself.  If that lock is a UL437-rated lock with steel pins to prevent drilling then the criminal has a very difficult job ahead of him or herself.

Today a customer asked me to put a lock cylinder in a sliding glass door so I got out a Slide-Co SC1 cylinder I had bought for the purpose.   Had to rekey the cylinder so I started unscrewing the cap and discovered that the cylinder turned without even having a key in it.  When I took the cylinder apart I discovered that all of the top pins are actually bottom pins.

Lazy locksmiths use bottom pins as top pins because it makes nearly every key work when put into the cylinder.  If you use one bottom pin as a top pin, nearly half of the possible bottom pins will still work for that chamber.  If you aren’t able to picture that, know this: the security of the cylinder is compromised if somebody does this in a few chambers.  If they do it in all of the chambers, they may as well not put any pins in the cylinder at all.  The cylinder I had would literally open if I used my fingernail.

The other issue with this cylinder: the plug came filed down from the factory.  Lazy and inept locksmiths sometimes decide to file the plug in a cylinder down because they are unable to find the proper pins to match the depths in a key, or they want to make multiple keys of different depths work.  This makes the cylinder inherently insecure.  There are certain situations where I can see somebody filing the plug down to make a bunch of people’s keys work but you shouldn’t get a cylinder plug filed down from the factory.  There is really no excuse.

What can you do about this?  If you put one of these in your door, make sure that a screwdriver doesn’t turn your sliding door’s lock, and try multiple keys not meant to open that lock to make sure that none of them work.  If the lock fails either of these tests, consider bringing the cylinder to a locksmith to fix the issues I have described.  The top pins need to be replaced for the cylinder to do its job properly.

A better solution would be to buy a better cylinder.  Unfortunately, most patio door and sliding door locks are designed to only work with these terrible after market cylinders.  I am still looking for a proper solution to this problem.