Jump to content
Security Installer Community

Allowing Leading Digits On Codes


Recommended Posts

Posted

This is something I've seen on a few panels now, and I can't work out if there is a reason behind it.

The panels all allow 4-6 digit codes.

I have my code set to 2222.

I enter this as <2><2><2><2>, and as soon as the last digit is pressed, the panel recognises the code (i.e. no need to press enter).

If I enter <7><3><2><2><2><2> or <6><2><2><2><2> then it still recognises the code fine.

This means that if I entered 123456, I get the 4 digit pins 1234, 2345, 3456 tried in one attempt.

Is this normal on panels? Why is it like this?

I have a blog, some of which is about alarm security and reverse engineering:
http://cybergibbons.com/

 

 

 

Posted

Yes it is quite normal. The not having to press enter is a parameter that is configurable on a few, it was designed I guess to make life easier as in the days of codes people forgot the next action eg pressing yes or enter so I can only assume it was there to help.

I think the same goes for the fact if it detects the correct pin in a sequence of numbers that it accepts it although on many the panels I come across that isn't possible, you have to enter the correct pin and if you make an error you have to clear it and start again.

www.securitywarehouse.co.uk/catalog/

Posted

Thanks. The graded panels I have tend to deal with this a bit better.

I have one old (1987) ADT panel that didn't even care what order the digits came in, and a code lock that lets you just enter a De Bruijn sequence. I don't think it has any material impact on actual security, just an odd quirk.

I have a blog, some of which is about alarm security and reverse engineering:
http://cybergibbons.com/

 

 

 

Posted

I can understand that, after all your passwords on your computer don't do it and the pin on your bank card doesn't do it. What was even more worrying is the number of systems that left the pin on default and never changed it. Prox cards have helped that problem.

www.securitywarehouse.co.uk/catalog/

Posted

As a side note i believe chip and pin has trained uk users to better handle pins now

I'd agree but back in the day you'd think you were asking someone to decrypt a complex puzzle rather than entering a pin and a ack button.

www.securitywarehouse.co.uk/catalog/

Posted

I'd agree but back in the day you'd think you were asking someone to decrypt a complex puzzle rather than entering a pin and a ack button.

The problem was, and still is, some manufacturers don't consider the end user.

Having a simple 'enter' button is often all it takes. Unfortunately keypads often had/have a button that does not make it's use obvious.

Posted

if you have the user manual and read its advice, it usually mentions do not use sequential codes, and to change the default code. this is because many panels have sequential default codes and could be overcome, as you have found out. or an intruder knowing the default for that panel trying their luck knowing many users are to timid or lazy to tinker.

i don't advise changing the code immediately, far easier to get to know the system with an easy code, especially if not all the users are present for your demonstration. and i always advise doing this at sociable times, you mess up and your neighbours peace and sleep is under threat.

using the same digit as in your example '2222' is unwise for a main user code, it will wear that particular key '2' out 4 times quicker than the others, discolouration and wear making it easier to guess your code, same applies to 1212, 6262 and so on but to a less wear extent.

some panels you can turn on or off other actions like chime, part set, duress and so on by adding or changing the last digit a after the code, it is better to void these digits second function numbers as the last number, to better prevent accidental actions.

Historical or well known dates 1066, 1812 etc.are best avoided, intruders can be well educated, i advise using wedding their anniversary - just to watch the husbands embarrassment.

all the above is to be considered with the likelihood of the premisses being targeted by an experienced intruder against an opportunist, having 2212 active while grannie stays, is better than leaving the alarm left off altogether.

If you think education is difficult, try being stupid!!!!

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.