Windows logon with the flexNExT

More Rohos Logon Key goodness you guys! Yeees, I know how you all love hearing me promote that particular piece of software, so I figured I’d slather another layer of it :slight_smile:

This post answers what everybody with flexNExT envy wishes to know: can you log onto a Windows computer smartly with it? By smartly, I mean without twisting your hand or wrist uncomfortably to present the implant to the reader, and more importantly, letting the LEDs shine to daze and amaze your coworkers.

Why yes, yes you can:

What you need to make this happen:

  • A Feitian R502-CL: that reader has an antenna that’s absolutely atrocious with glass implants, but that happens to work surprisingly well with the full-size flexNExT. The Feitian R502 will work also, but its range is a bit more limited. So it wouldn’t be an ideal choice to read through your wrist, but it would work well through your hand.

  • Rohos Logon Key obviously: as it happens, it supports Feitian readers. Ain’t that handy.

To configure it:

  • Open the main panel (administrator, not user), choose Setup authentication key:

image

  • Select Mifare 1K RFID: yes, the flexNExT is an NTAG216, not a Mifare. But bear with me. Then click on the Device options cogwheel thingy:

image

  • If your Feitian reader is working properly, if should appear in the list of available readers. Simply copy/paste the name of the device (sans the comma) into the Default reader field and - that’s the important bit - enable Treat cards in ID-only mode (emulated PIN).
    In this mode, Rohos only cares about the UID that comes from the chip select command, and any old NFC chip answers it, be it a Mifare Classic, Ultralight, NTAG, DESFire or anything else. It’s the lowest common denominator of the NFC protocol (and also the least secure, but we don’t care since NTAGs don’t really have security anyway):

image

  • Close the Device options dialog, present your flexNExT, type your Windows password while keeping the implant in the field (not terribly easy, that) and click on Setup the Key.

image

That’s it!

As a side note, I’ve noticed something interesting: as you may recall, Rohos on my Windows machine at work was setup to read UIDs from my serial LF reader. But I’ve just discovered that if you setup Rohos for Mifare login, it doesn’t disable the serial reader :slight_smile:

I don’t think Rohos is meant to do that. It might be a bug, but it’s damn convenient: now I can login with the xEM in my foot, or with the flexNExT in my wrist. Brilliant!

7 Likes

Great write up and great share.
Gotta love a bug that works in you favour
Thanks @anon3825968

Trust me, I’m genuinely looking forward to any post about Rohos! After all, it’s the only software to have actually worked for me with consistency :smiley:

You know what? It just struck me that I should embed the Feitan reader in my trackball’s wrist pad.

Hmm… I suddenly feel the urge to go to the workshop…

4 Likes

I’m still thinking about hollowing out a section in my wooden desk to put a reader in. You know, like those “smart desks” with built-in Qi charging pads for your phone.
But the effort is not worth it to me, when I can just tape an ACR122 under the desk…

1 Like

I use a trackball too, but the Logitech mx ergo, a bit more comfortable than a finger one for me.

1 Like