Skip to Content

Rohos Logon Key: Turn any USB device into a login key



We've covered USB key security systems before, but Rohos Logon Key looks like an interesting new player in the field for two reasons: cost and convenience. Like other USB key systems it allows you to control user logins with a USB key, but unlike other systems you don't have to use a dedicated key -- practically any USB flash drive will work. In fact, since it depends only on the USB device's serial number and doesn't store anything on the device, many other things will work as well, like iPods, memory cards, or dedicated USB keys.

As you can see from the video, when you pull the device you can set it to either lock the screen immediately or launch OS X's built-in screensaver with password protection. When you plug it back it, it automatically fills the password for you. It also works at the account login screen. Frankly, I don't really know how secure this solution is, since I don't know how hard it is to spoof a device serial number if you know what you're doing. On the other hand, for basic "step away from your desk for a moment" security it looks like it might be a convenient solution.

Rohos Logon Key is $29 from Tesline-Service and a demo is available for download.

[via MacNN]

Categories

Software Security

We've covered USB key security systems before, but Rohos Logon Key looks like an interesting new player in the field for two reasons: cost...
 

Add a Comment

*0 / 3000 Character Maximum

17 Comments

Filter by:
j2

Not exactly the same, but $30 less expensive is marco polo.

I've got it set up so that everytime I put my (i)phone in the cradle it turns off the screensaver password and disables the screensaver. It also reverses these actions upon removal.

I used to use the bluetooth proximity detector with added Adium and Mail applescript goodness for sexy time also.

I've never tried marcopolo outside the context of already-logged-in, but this is good enough for me.

August 14 2008 at 11:07 AM Report abuse rate up rate down Reply
1 reply to j2's comment
Adam

hey can you help me with marcopolo?

I was trying to set up stuff similar to what rohos is supposed to do, but i can not figure out anything!

can i email you or something?

September 02 2008 at 3:30 PM Report abuse rate up rate down Reply
Andre

If it's using a standard USB key, how does it handle the removal without that nasty device removal popup?

August 14 2008 at 10:09 AM Report abuse rate up rate down Reply
1 reply to Andre's comment
Tony

It doesn't as far as I can tell.. however you don't have to use a formatted key - you can use an unformatted one, or an iphone, ipod, etc. - pretty much anything with a serial number.

August 14 2008 at 7:47 PM Report abuse rate up rate down Reply
Tyler

Although it may be possible to spoof the USB device's serial number, the OS X user account system isn't very secure anyway — it's easy to reset the root password using just an installer disk.

This seems very cool for basic security, say for fellow classmates, coworkers, etc. People that aren't out to "get you".. But if anyone had physical access to your machine for an extended period no security product would help

August 14 2008 at 5:51 AM Report abuse rate up rate down Reply
3 replies to Tyler's comment
Marty

You only need to know what USB device is used. Then you can look up its ID and spoof it. (e.g. http://www.linux-usb.org/usb.ids)

August 14 2008 at 3:41 AM Report abuse rate up rate down Reply
2 replies to Marty's comment
Ed

I don't think that the ID is the same as the serial...

August 14 2008 at 5:38 AM Report abuse rate up rate down Reply
JoolsG4

Er, no... The USB Product ID and Serial Number are different.

The Product ID will be the same for all Products of that type. The Serial Number should be unique.

August 14 2008 at 5:55 AM Report abuse rate up rate down Reply
Marcos

The SN is easy to spoof with the right equipment.
But you have to *know* what serial number to spoof. That's the tricky part.

August 14 2008 at 1:20 AM Report abuse rate up rate down Reply
trurl

this video will become an internet meme... i'm sure

August 13 2008 at 11:26 PM Report abuse rate up rate down Reply
Rick Stratton

This vide reminds me of a Dharma Project video from LOST.

August 13 2008 at 10:20 PM Report abuse rate up rate down Reply
1 reply to Rick Stratton's comment
Sean Ouimet

I had the same thought re: Lost video

August 14 2008 at 2:07 AM Report abuse rate up rate down Reply
haydio

Worst.Video.Ever

August 13 2008 at 9:43 PM Report abuse rate up rate down Reply
mrsteveman1

Well, the serial number is probably in the microcontroller in the USB stick, and i don't suppose most of them have easily updatable firmware. There were those U3 things but that was just a virtual CD emulation thing.

If someone wanted to they could falsify the USB traffic i guess, that might be easier than altering an existing USB sticks controller chip.

On the other hand i don't like this idea unless there is a way to get into the system if you lose the key. :D

August 13 2008 at 9:21 PM Report abuse rate up rate down Reply
Buy an ad here

Hot Apps on TUAW

Tweets

© 2012 AOL Inc. All Rights Reserved.