If you’re wanting to use the xNT or flexNT for PC login, then I’d try the first option. It’s free and works well enough. The second option is not free, and possibly a bit less user friendly, but it will become useful in the near future with the release of VivoKey. Also, EIDAuthenticate needs a REG file to be loaded so the PC/SC system recognizes the xNT / flexNT as usable for authentication. Unzip and execute these REG files to register the proper links for x-series tags:
I couldn’t get this to work and was originally asking for help, but managed to get this to work finally so here’s a quick guide for those who run into this in the future and just want to login to windows from their own PC and don’t have a full AD setup.
Install the driver for your ACR122U (I’m not sure if this is critical, but it seemed like the right thing to do)
Install the FREE version of NFC Connector it should be called NFC-CSP-Light (the Enterprise version is kind of a dick and doesn’t play nice with the reg edit provided above and I couldn’t manage to get it to work with it’s own registration software either. That might be because I don’t know what I’m doing though, so if you can figure that out let me know.)
Run the reg edit from above
Open the NFC CSP Smart Card Manager app and add a certificate for your implant
Now install EIDAuthenticate and associate the certificate from your implant with your account in the configuration portion of the installer.
Enjoy sweet victory and login with your hand. Unfortunately yes, you will still have to press enter on the PIN screen even if you don’t use a PIN.
alternatively, you could turn off the password for your account (less secure) or use this as a two step authentication (more secure), you could use some form of Arduino, a relay, and a rc552 reader and wire it up to your front panel port on your motherboard. here’s some links,
I primarily use Linux, and wrote my own scripts to log in, and lock/unlock sessions (https://github.com/Giraut/nfcutils). Under Windows, I use Rohos Logon Key for machines on a domain (not free) and ISLOG Logon NFC Community for standalone machines (free).
So, for the NExT they have an automatic code that gets typed out when scanned. You could just change the password on your PC to match. I took apart the USB reader from dangerous things and hard wired it in and mounted it inside my Chromebook to the left of my touchpad. It picks up the tag through the plastic no issues and automatically enters the code and logs in all with one scan. Simple solution if you don’t want to get into the nitty and gritty of trying to encrypt any further.
I had the same idea and had it on my list of things to do, glad somebody has done it successfully.
did you wire directly to the usb port internally? if so does it render the port unusable externally, does it cause any COM port conflict or similar? (the reason/ excuse I haven’t tried it yet)
I also considered placing the reader behind the screen,
hand swipe behind
but I foresee the cable run being the tricky part even with ribbon cable?
Unsure if this should be a new topic or not, I apologize.
I’d like to unlock a domain PC with my NFC chip. I can’t really see convincing my company to install Rohos, and was wondering if I could use a scanner for keyboard emulation, similar to the KBR1.
It would have to read a record off the chip however, rather than the serial, since I can’t use a pin at work. Is there any software out there I could use to say read record 2 off my hand and throw it in the password field with an NFC reader, or is that something I would have to go about setting up myself?
Depending on how exactly your work PC is administered, you may not need nobody’s approval to install Rohos. Just try to install it: if it works, you’re good to go. If it says you need admin rights, well, too bad. But the point is, no need to ask your administrator to try it out, and he’ll be none the wiser one way or the other.
Also, if you’re able to install it and you get flak over it later, remember: it’s easier to ask forgiveness than to ask permission - particularly since the admin themselves would have let you have the right to install it, and it’d be their fault if you shouldn’t have had it
I was thinking about just doing it for the sake of seeing what would happen, but the needing a PIN as well seems tedious. I’m the “I’m too lazy to press enter every once in a while, let me spend weeks writing a program so I don’t have to” type of lazy
Well, funny you should mention the PIN number: at my previous work, my Rohos install insisted on it. But at my new workplace, I installed it this morning and it doesn’t for reasons unknown. It’s great: I just have to wake up the PC and run my hand on the reader to log in or unlock the screen.
Maybe it depends on your particular PC / login setup / Windows version or something. Anyway, worth a try. Worst case scenario: you absolutely have to have a pin, then set “0” or some other single-character thing to lower the annoyance factor.
The KBR only reads the UID though, correct? I’ve got it set up as a PIN on my home PC, but we can’t use PINS at work, and have to change passwords regularly.
Would you be willing to share the source code for your wedge application? I’m purely a database guy, but my coworker may find it super helpful to modify an existing app rather than us tinkering around and learning all this from scratch.
One of my coworkers in the Development department and I are planning on playing around with one of thoese White NFC scanners, and if they read all the records on the chip, are planning on writing a little program to function somewhat like this:
Select the record that contains your password in a configuration window (record 2 in the attached image)
It’s not going to do anything fancy. You scan your hand, and the program will wake the PC, pass in the string, and press enter.
Still need to give Rohos a go today though, because if what Rosco experienced with it not asking for a pin is still a thing, I’d totally use it.