Forgot your password?
typodupeerror
Security

What Electronic Door Lock Would You Buy? 97

Posted by Cliff
from the where-are-my-sliding-doors dept.
zentigger asks: "I work for an ISP that supports internet in several dozen remote areas. Our POPs are typically fairly small shed-like structures, with a couple racks of equipment. For the most part, we can manage this stuff in-band, but frequently we need to have a local agent physically access the equipment for some minor maintenance work or adjustments. As time goes on, the shuffle of keys is becoming farcical and expensive. What we need is an electronic lock of some sort that can be reprogrammed remotely (preferably from a remote console via serial or directly via ethernet) that will stand up to extreme weather. Google certainly turns up lots of glossy brochures — although I don't see how they can -all- be 'The heaviest duty lock you can buy!' Does anyone have good experiences with any particular products or perhaps other means of dealing with the key shuffle?"
This discussion has been archived. No new comments can be posted.

What Electronic Door Lock Would You Buy?

Comments Filter:
  • by laing (303349) on Friday April 20, 2007 @06:41PM (#18819003)
    Sargent & Greenleaf are *THE* stanrdard when it comes to electronic locks. See here [sglocks.com].
  • by jhfry (829244) on Friday April 20, 2007 @06:46PM (#18819037)
    Your an ISP... you have bandwidth and old servers... simply get an electronic latch, a webcam, and patch it through to your security officers.

    With some easy code, you could remotely unlock the buildings for workers on an as needed basis. Plus it provides video surveillance, and a method to document who accesses the facilities and when.

    Keys would still be in the hands of a few techs for situations when the network is down.
    • Re: (Score:3, Insightful)

      by mollymoo (202721)
      That would maximise the response time (keys would have to be found) for the most critical incidents (network failure), which doesn't sound like a great idea to me.
      • Not if the responsibility is given to a select few "higher-tier" personel, and even less problematic if part of their duties is a round of the remote stations every six months for a routine check anyway.
        • by mollymoo (202721)
          I don't follow. None of that changes the requirement for managing physical keys, which is exactly what the questioner is trying to get away from. If managing the keys wasn't a problem, they wouldn't have asked the question, would they?
          • by jhfry (829244)
            I was under the impression that the issue wasn't so much the use of keys, but the number of people that need to use them on an occasional basis.

            If the submitter was indeed trying to eliminate keys altogether, then I apologize for being off topic.

            Oh, and I honestly can't think of a situation where an electronic lock doesn't need a mechanical method of opening the door, other than one involving Jack Nicholson and an ax, when the electronics fail... thus still requiring a key to be accessible on short notice d
    • This solution would break down if the local agent needed to access the shed because of a network outage. How do you let the guy in if the comm gear is hung and he is there to give it a good kick? What zentigger needs is an electronic cipher that can be set in advance, provided to the appropriate person when required, then changed again after the service is restored, maintenance completed, etc.
    • by j00r0m4nc3r (959816) on Friday April 20, 2007 @10:59PM (#18820967)
      Since your budget is down a bit this quarter, you should just hire an H1-B immigrant to live in your POP shed 24/7 with a cellphone, a small ration of ethnic food, and a DVD of Little Superstar to keep his spirits up.
    • by MentalRuin (927884) <mentalruin@noSpaM.gmail.com> on Saturday April 21, 2007 @12:52AM (#18821519)
      Look at what universities use. They have thousands of users that need access to various areas, but only to very specific areas around campus. This includes students as well as staff.

      They need to control who has access, as well as when access has been gained. Most employers now use some kind of ID system, the 'access keys' could be included in the ID. It could be as simple as RFID to magnetic stripes. You could also combine these with keycodes chosen by the individual users. With this dual level of authentication, the keycodes would not need to be updated regularly because of the dual authentication.

      You could use one of your onsite servers to control access and log access. These servers could be updated in real time. The only worry would be that the server could not be updated quickly enough after an employee was fired. This is where HR comes in, if you have your system immediately revoke ID's upon employee termination, terminated employees would not be able to gain access. On the off chance that the servers could not be updated due to communication problems, the server that controls access logs would show that the terminated employee gained access to a facility after their rights had been revoked. Combine this with video surveillance you will have both digital and pictorial proof of the illegal access. In a worst case scenario, one of you security officers would need to physically show up to the site to allow access to someone that has the right to access the facility, but the inability to do so.
      • by rabbit994 (686936)
        Problem with this systems is they require constant communication with auth server. We had them at my University and on occasion, when servers went down or Mr. shovel beat Mr. Optic Wire, they would have to place them in some special mode where any swipe of card (credit cards included) would open the door. Normally, campus police could accomplish this function but it would be annoying till they got there to pop open the doors. I couldn't see this working for a sites where it's geographically dispersed AND th
    • Yup, and use a backup with a tubular keyway to prevent picking and bumping.
  • Bit o' Warning (Score:5, Informative)

    by thesameguy (1047504) on Friday April 20, 2007 @06:47PM (#18819049)
    A while back I did some consulting for a somewhat remote municipality, who was in your exact same situation. They had small "equipment sheds" located throughout the region, and were having problems maintaining physical access. Their solution was to invest in a bunch of programmable electronic combination locks that they could reprogram as people were fired and/or promoted and not have to go through the whole rekeying process. This created an entirely new problem: People forgetting access codes that changed every several months. These workers worked around the problem the only way they could: Prying open the doors with tools, breaking the doors and sometimes the locks in the process. This forward-thinking municipality ended up footing the bill for the lock retrofit, a bunch of broken doors, and ultimately a return to standard keyed locks. FYI, YMMV...
    • Re:Bit o' Warning (Score:5, Insightful)

      by sirket (60694) on Friday April 20, 2007 @09:00PM (#18820065)
      A user should have a combination- not the lock. A user leaves and his code is removed- the lock code isn't changed. In addition- a user uses the same combination on every single lock. It's hardly complicated. It sounds like the systems this municipality used was just broken.
      • by igb (28052)
        Depends on how many staff you have. Every ten-fold increase in staff means you need an extra digit on the combination just to stand still. BT currently use a system that has a swipe-card and a PIN for each employee, and the lock is programmed with the swipe-cards that it will accept: that has the benefit that the safety of the PIN doesn't decline with staff-count.
    • This created an entirely new problem: People forgetting access codes that changed every several months.

      If you rely on access codes, always have someone they can call for a code if they forget theirs. They would authenticate themselves to your office (or their office) and said office would read them their code.
  • by Anonymous Coward
    Here [fixedreference.org] is my preferred electrical door lock in action. Never had a problem with a burglar yet.
  • by Timesprout (579035) on Friday April 20, 2007 @06:56PM (#18819139)
    I have a complete electronic defense system for my home and I am currently upgrading the AI. It was slow going at first, the AI kept requesting to be given a name. Eventually i gave in and called it Skynet and things have been going quite well, although the Asimo I hooked up to it does like to chase me round the house a lot trying to taser me. I am going to ask one of my mates at the NSA if one of their global domination scenarios can connect and defeat it as a final acceptance test. Should be cool.
    • Re: (Score:3, Funny)

      by UnderDark (869922)
      I'm sorry, but I can't do that Dave.
    • by elrous0 (869638) *
      I have a friend in Russia with an equivalent system in his home. I'll give you his number and maybe you can arrange it so that your system and his can have an interaction. Couldn't hurt, right?
  • Is there some reason you can't just have all of the locks keyed the same?

    Any locksmith should be able to do this for you.

    • by MeanMF (631837)
      Kind of a pain if the wrong person gets their hands on a key....
    • by itwerx (165526)
      Is there some reason you can't just have all of the locks keyed the same?

      A - they probably have different equipment in different locations, some of which they may not want everyone to have access to
      B - when somebody leaves the company they have to rekey every darn one of 'em!

      (Yes, there are mastery key configurations which work around some of the above issues but the additional overhead probably makes it a wash in this case)

      Back on topic: despite recently announced security flaws, HID actually makes decent
      • With some high security systems (Medeco, Assa, etc.), it could be written into the contract that unless all keys were returned at the time of departure from the company (or upon request by a supervisor), it was possible to withhold a deposit or the last paycheck of a departing employee to defray the expenses of re-keying the locks.

        This was from a long time ago, when I worked as a locksmith. I have no idea if it's still legal to do so.

      • despite recently announced security flaws, HID actually makes decent card-key equipment. If you have a ton of money and the technical wherewithal to work around the (to my knowledge as-yet-unpatched) security issues their system will do exactly what you want.

        Talk about damning with faint praise.
      • C - if a vendor tech needs to access at a remote location, they can give them a temporary code for access
        D - tracking who accesses a location, checks for unauthorized access by employees and use of codes by someone else

        Just a reminder
        With remote locations, good locks can only do so much since criminals have a lot more options.
  • by mlts (1038732) * on Friday April 20, 2007 @07:39PM (#18819519)
    Most companies I see use HID or S&G for card access. I personally would recommend HID (one of their newer card reader lines that use two-way authentication).

    For mechanical lock backup, go with Medeco, Mul-T-Lock, or Abloy. All of which are immune to bumping, are restricted in key duplication, but keys are still decently available when you need copies made at a locksmith with your card.

    Lastly, if you want a solution that is a hybrid, requiring only cylinders changed rather than lock hardware, you might consider the Mul-T-Lock CLIQ series. The CLIQ keys are mechanical and electronic, and the reader is in the cylinder, so no wiring of doors is needed. To remove a key from the authorized list, you just code the programmer key to remove it, then walk around and stick the key in the appropriate doors.
    • by numbski (515011) *
      I googled a bit on what you said. I went looking a while back for a solution that would allow me to put either RFID or biometric data into LDAP and then have biometric scanners at each door (fingerprint probably).

      I'm finding it difficult to find a solution. Once upon a time I had a bookmark for a vendor that sold component parts - strikes, latches, dead-bolt, fingerprint scanners, rfid scanners and cards, etc. Can't find it now. Ideally I'd like to put fingerprint signatures into ldap, use a central sys
    • How do these handle cold weather?
       
      Batteries tend to go dead in -40 degree weather, so if you're locking an unheated shed in the winter, where do those things get their power?
       
      In fact, I wonder if they work at all in extreme cold, even if they are locking a heated building.
  • by Big Bob the Finder (714285) on Friday April 20, 2007 @07:58PM (#18819667) Homepage Journal

    I worked my way through college as a locksmith. I've always favored hardware security (keys) over electronic widgetry. Talking to a Medeco dealer about getting your locks on a solid masterkey system would give you a solid system, but allowing remote sites to be accessed- possibly by different agents each time- wouldn't work.

    One solution might be Videx. I've only glossed over their literature, but they seem to have a pretty good solution in place.

    http://www.videx.com/products/detail/cyberlock.h tml

    Specifically, the section on how "the CyberKey Authorizer enhances CyberLock systems by providing the ability to program and download CyberKeys at remote locations." That might be too pricey for your application. I've never priced out "door" costs on Videx hardware.

    • by kah13 (318205) *
      Videx is popular in hospitals for high-abuse keys (like Code Blue keys for elevator overrides) and for remote gate keys in places such as airports or nuclear plant where loss of a key would have tremendous implications unless you can make sure the key will expire in a short period of time or can be quickly override.

      The cost is high, IIRC around $400/cylinder, and the keys aren't cheap. However, I find the idea clever and it's nice to have a system you can just do drop-in installations for.

      Unfortunately, it
  • by mrcaseyj (902945) on Friday April 20, 2007 @08:05PM (#18819713)
    I was thinking of putting an electronic lock on my door. One of the problems is that if there is someone near that you don't completely trust they may see you entering the combination. My cousin shoulder surfed my password once so I'm a little paranoid about this sort of thing. You can move to block them from seeing you enter it but that can be insulting to your guest. That's a significant issue for someone like my grandmother who may be entering her combo in front of customers she doesn't want to offend.


    So I'm thinking that the way to do it is to have a keypad facing down so that you curl your fingers up to push the buttons so the person near you doesn't see. I figure having only four buttons would make it easier to enter the combo without looking. Buttons on the bottom would also have the advantage of keeping water out of your buttons.


    One of the reasons I wanted a combo was I figured it would also be a lot faster than pulling the key out of my pocket every time. In fact I think a quick combo lock would be so quick that it wouldn't be too much trouble to just leave the door locked all the time.


    Some other good features for the lock would be different combinations for everyone in the house. And some one time use combos and guest combos.


    By the way if you are hiding a key outside your house make sure you put it around the corner or something so if someone is with you then you won't have to reveal your hiding place.

    • by hazem (472289)
      That's a significant issue for someone like my grandmother who may be entering her combo in front of customers she doesn't want to offend.

      Nobody should be ashamed by keeping secure things secure... and nobody should be offended when somebody else tries to do so.

      It's just like I shouldn't be ashamed to go behind a door to "adjust the hardware"... and nobody should be offended that I do so.
    • by jimmyswimmy (749153) on Friday April 20, 2007 @09:46PM (#18820465)
      I used to use a system much like you describe. I used to work at a major international airport, which secured some private areas from the public with a cipher lock. It had rocker buttons, five of them, at the bottom of a metal "butter tub". You could stick your hand in there and look inside and see the labels on the buttons, but once you'd seen it once, you didn't need to look again. The rocker buttons were centered and if you press one way it might be a '1' and the other way was a '6', I think.

      A more interesting system was on the front door to my office - a 9-digit keypad where the numbers were lit up in a dot-matrix format. You could only read the numbers standing in front of it, and they would change each time you walked up to it. It was very cool, but they stopped using it in favor of ethernet-programmable fingerprint readers.

      There are a lot of options. The tougher part is weatherproofing any of these solutions. The more fancy electronics you have, the more important keeping water out becomes. Good luck!
      • by dgatwood (11270)

        This may sound somewhat smart-alecky, but weatherproofing is easy if you don't put it outside. :-) Build a two foot extension off each door. Use an exterior door with the lock disabled for the outside of the tunnel. After opening the outer door and walking in a foot and a half, you have access to the keypad or other similar device.

      • by ivan256 (17499)

        It was very cool, but they stopped using it in favor of ethernet-programmable fingerprint readers.

        How long until they gave up on the fingerprint readers?

        My experience with fingerprint readers, regardless of brand, is that they just plain can't handle people with dry, cracked skin. If you wash your hands or wear gloves a lot, they just don't work. Usually you see fingerprint locks go in, and then they're back to PIN or prox card locks within a few months.

    • ScramblePad. [hirschelectronics.com] I've heard they're around $500 though :-(
  • For a long time, geeks have come to share homes (eg, Open Sourcerers, who perfer lower living costs, et al.)

    We can envision techie villages, bringing together a mix of renewable energy geeks with al the other geeks, onto a modest sized property,
    away from the smells & noises of cityscapes, within commuting distance, but closer to nature & its beauties, maybe with windows looking out over nothing but natural sights & sounds (if the windows are opened ;-)

    It the coming WiFi (WiMax & beyond) days
    • while reading the first line of your 'utopia' I was immediately already envisioning the fourth & fifth word in your third line, but in a completely different expectation.....
    • Sound's like the geeks version of the Kibbutz [wikipedia.org]
      A small circle of friends and myself have been seriously discussing and investigating the myriad details in setting up something along those lines for ourselves. Thus far, the most compelling arguments in favour of it are the economies of scale and the various grants, tax breaks and other incentives we may gain, depending on how we are structured. The strongest argument against it has been the possibility of serious personality conflicts long term. Even setting
  • Avoid Chubb (Score:2, Interesting)

    Whatever you do, avoid Chubb like the plague.

    The "brains" of the system run on useless software that will not work without a hardware dongle. Check before you buy, I'm sure there are plenty of vendors who pull the same shit out there

    Also, are you SURE that a keypress box (lockable box with hooks for hanging keys) won't do? When I was in the military, that's what we did. Never had a problem as:

    a) We exchanged keys for identification (no ID, no key!)

    b) If you lose the key or run away, we have your id, and we
  • I have had my eye on the RFID Digital Door Lock from ThinkGeek for quite a while now.

    It's easily reprogrammed, you can issue access cards to persons as opposed to giving out a single PIN. Plus, it's supposed to be hack-proof, but probably not to the level of Sargent & Greenleaf.

    I am considering it as a replacement for the lock in my flat's front door (which is arguably both less and more critical than an ISP gear shed). It's indoors, so weatherproofing is not an issue, but the flat is just rented so I c
  • Add & remove access on the fly.
  • by Bazman (4849) on Saturday April 21, 2007 @10:18AM (#18823925) Journal
    Our recently refurbed admin building ("Hey! When are we plebs going to get our leaky windows replaced??") had its grand opening the other day, complete with University bigwigs and minor royalty. The day before it seems someone decided to upgrade the security system firmware.

    When they did this, there was nobody inside. And they locked themselves out. They figured if they set the fire alarm off then the override would fling the doors open. But it didn't. They had to get someone in to smash through the security door to a) get inside and b) stop the fire alarm.

    I imagine all the mess was cleaned up before the princess arrived.

  • Check out Computrols, Inc. They have programmable keycard locks that work over ethernet. Different card can access different zones and its all programmable from one head end unit. http://computrols.com/security [computrols.com]
  • ...is, as you have concluded yourself, completely useless.

    Basically, you should go for the system that is easiest for you to manage. All electronic locks (and all locks in general) are easy to break, if you want to. Quite surprisingly, the more expensive locks, are often easier to break (it can be done with a screwdriver instead of a crowbar (or if your doorframe is better: power tools). And if the lock is better than that, there are always windows, or even walls.

    If what you need is security, you need m

  • by sheddd (592499)
    I work at a hotel and put Saflok [saflock.com] locks in ~350 rooms. ~$100 per lock, nothing super secure, but cheap, and you can have keys that open whichever locks you specify, and you can see which key(s) opened which locks and when.

    Of course, with a $10 tool, you can open the locks, but I bet the same could be said with your current locks.

    • by couchslug (175151)
      "Of course, with a $10 tool, you can open the locks, but I bet the same could be said with your current locks."

      An intrusion detection system would be a Good Idea too. :)

      Unless the doors are something special, anyone desiring entry can use a (good) cordless holesaw/drill/sawzall and just slice out the lock/frame/whatever.

      FWIW I use a cordless 28-volt Milwaukee Sawzall to cut pickup truck frames in half when making trailers. Their cordless drill will cut heavy sheet metal using a good holesaw, and does a fine
  • certainly not the ones used in Jurassic Park... I know I don't want to overpay for some expensive door lock that some velociraptor can open when the power goes out...
  • Here's something a little different than the typical swipe card systems that all have to be connected back to some central control:

    Cyberlocks [videx.com]

    We use these where I work and it's a great retrofit when you have multiple builds, including ones that don't have any electrical power. Basically, you have electrical lock tumblers that you replace the mechanical ones currently in your door handles. The key supplies the power (no batteries in the locks to change). When the key is inserted, it powers up the tum

  • I can't speak to the security of these locks but they might be worth a look. You unlock them using the Dallas Semiconductor iButtons. Each one has a unique serial number imbedded it it and it can't be copied. We've sold these peoples timeclocks and they have worked well. They also have a line of locks that sound like they might meet your needs. http://www.accesspilot.com/ [accesspilot.com]
    • Re: (Score:3, Informative)

      by mmontour (2208)

      You unlock them using the Dallas Semiconductor iButtons. Each one has a unique serial number imbedded it it and it can't be copied.

      A serial number certainly can be copied. Relying on it for security is like relying on MAC-address filtering on a wireless router (i.e. insufficient). You can't copy the serial number onto another iButton, but you can program a little microcontroller to speak the same 1-wire protocol and pretend to be the iButton interest. It's not hard to discover the serial number of an iButton; it's printed right on the case of each device.

      There used to be a "crypto iButton" that provided real copy-proof security. It co

  • Another solution I have seen to a very like issue is having a secure door lock like the medlock that don't open the door itself, but the bolt triggers an electric trigger built in the door with battery backup for power outages that will cycle the lock mechanism. Then also, a keypad combo lock tied into a central server that will also trigger the lock mechanism. This provides secure mechanical and electronic access in best and worst case scenarios.
  • If the reason for attending the site is a power or backhaul problem, be careful which electronic lock you buy. It would be a shame if no power meant no access.
  • mag casrds are your answer. you can remotely program the cards and there's no problem with opening the door if the network goes down at the site. they are also dirt cheap and can be set to expire so it doesn't matter if the tech loses it. video survillance is also a good idea.

He who steps on others to reach the top has good balance.

Working...