Privacy friendly keypad/electronic door lock at home?
from curious_dolphin@slrpnk.net to privacy@lemmy.ml on 06 Oct 17:30
https://slrpnk.net/post/28482551
from curious_dolphin@slrpnk.net to privacy@lemmy.ml on 06 Oct 17:30
https://slrpnk.net/post/28482551
I’m looking into installing a door lock w/ key pad at home for two use cases:
- I’m out of town and need to allow someone to enter my home, in an emergency or for any reason.
- Nice to have - “oh shit, did I lock the door” - ability to lock the door remotely from my phone, would also solve use case #1 by unlocking remotely.
If there are no privacy respecting / self hosted apps for remote control (use case #2), then a “dumb” electronic lock w/ key pad that enables me to set a PIN that I can give to a friend or neighbor in a pinch and then reset the PIN after I get home, that would be good enough. If no such keypad/electronic locks exist, then my backup plan is to just make a few copies of my key for trusted friends & family and/or hide a key, but I’d like to explore the keypad route.
threaded - newest
I use a keypad lock that has z-wave in it and tie it back to home assistant. I access home assistant through my wireguard vpn and lock or unlock as i please.
Good to know there are models compatible with Home Assistant. Thanks for the info.
If you find one, see if you can get it to work with Home Assistant. I already cross-posted this to the Home Assistant community, so they might chime in as well.
I had these exact concerns after buying a house!
Anything connected to the Internet is inherently vastly less secure. Fortunately, your two usecases can be addressed with a “dumb” keypad lock with two features:
Multiple access codes. Set a different code for each trusted party, as well as an extra code that you can give out in case of emergency, which you can reprogram once you return.
Automatic locking. Set a timeout for the deadbolt to re-engage after a set period of time. If you forget to lock the door, it simply locks itself.
This is the route I took. All manual, multiple codes. There is a code for the gate, and a code for the door, per person I implicitly trust. With some 23 cameras on the property, I’m well aware of just about anything going down on my property while I am away.
I can’t help but wonder what else might be going on here.
Brown chicken, brown cow.
Actually, pretty spot on.
22 acres of farmland
One camera per acre + one in the bedroom?
LOL Well, it would seem like it works out that way but the only interior cams I have are in the living room and there is one in the lab. I’m not really into sex tapes. They always seem like a good idea at the time, but they have the potential to become quite litigious, and I try to stay out of courtrooms.
And by “lab” you mean “sex dungeon,” right?
They meant their dog.
Ah, so like an endoscope. Kinky.
Thanks for the idea. In your case, do you still need a phone app to program the various PINs or are they all programmable “on board?”
It’s all on-device. There is zero wireless connectivity, as that would present a security hole.
It does take a lot of tedious keypad tapping, but it’s not something that needs to be set up more than once per lock.
I’ve got one like this. A standard NON-CONNECTED keypad lock from the big box hardware store. I set a few extra codes and hand them out (and change hem) as needed.
Fair warning: anything like this that you may want to buy has almost certainly been defeated, especially anything that is a combo lock. The only systems I’ve seen that are actually somewhat secure are the types that have a separate keypad and lock mechanism, and require electricity in the door frame latch.
I prefer an old school security door with key for my home, any electronic doorlock is hackeable, more with online functions. Same as generally “smarthomes” are never private.
Old school locks are hackable too. A pick gun is a couple bucks on Amazon.
The LockPickingLawyer would like to have a word with you.
https://www.zigbee2mqtt.io/supported-devices/#s=Lock
It’s a ‘dumb’ solution, but you might be better off with a key safe. My mother in law uses one, and it lets the family have access if she’s working or on holiday and something needs doing.
The PIN can be changed quite easily, and there’s no chance of being locked out due to a power / battery failure.
I had not thought of this. Thanks for the idea.
Something that uses the Matter protocol might be what you’re looking for. My understanding is that they can be disconnected from the internet (only able to communicate with your Matter controller over your local network) and still work.
Maybe something like this:
a.co/d/0rMibVK
With a controller like this:
a.co/d/9OD97pR
The comments are funny… I run Home Assistant (using ZigBee, so devices have no Internet connectivity) at home but I also lock pick, for fun.
Sure, your “smart” or “connected” gadgets can be hacked but don’t get fooled by believing your “dumb” locks are safe!
As somebody pointed out check the LockPickingLawyer… but if you believe it’s complicated buy yourself a lock-picking training kit for 30€. Sure you won’t open “fancy” locks easily but you can open a lot of locks by training for like 1h. Get a kit, watch few videos, train while paying attention, repeat while watching a movie (basically blind picking) and you’ll get surprised how quickly it comes. If you have very fancy lock (the ones that cost more than 200€) then you need better tooling, like 1000€ automated ones, but that still requires little skill and need a minute to pop a lock (so I heard, this I never tried).
So yes, please, do NOT buy a connected lock if you believe that’s unsafe BUT also do not imagine you are safer with a “traditional” cheap one.
PS: full disclosure, I do not have a connected lock but it’s not because I think they are more unsafe, just because I didn’t bother. I’m not convinced of the utility for the price. That said if you have suggestions, I’m all ears.
PS2: as with similar questions on software, depends on your thread model. If you have to deter playful teenagers or drunkards, sure, it’ll hopefully slow them down enough so that they give up. If you are facing professionals it won’t matter either way, safer to get insurance for the outcome.
Much like securing your network and devices, unfortunately, there isn’t anything that renders 100% protection. I’m fond of saying ‘For each and every technology, there exists, or is soon to exist, an equal, yet undoing technology.’ Technology doesn’t stand still, but it always wields a double edged sword.
Indeed, and that’s why I enjoy lock picking. You get to actually understand the technology and its limits. It’s a playful pastime but IMHO it’s an interesting reminder.
That being said… I do believe 1 protection exist and is close to 100% : computational complexity. The math behind encryption is the closest we have to a perfect lock. The fact that governments have to put artificial limits on it says a lot.