Navigation

    • Login
    • Search
    • [[global:header.recent]]
    • [[global:header.tags]]
    • [[global:header.popular]]
    • [[global:header.groups]]
    • [[global:header.search]]

    Windows Logon, your input welcome!

    Ideas for using NFC Rings
    14
    71
    104906
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      maz_net_au @Lokki last edited by maz_net_au

      @Lokki
      Until I have a registration app theres not much point making a binary but for now if you didn't mind a clear-text password in your registry it works well enough for me to cobble something together. I wouldn't mind it if people wanted to test it on windows 10 for me. So far I've only done an x64 build using lib files from the win8.1 SDK so I'd have to find out what windows version that actually works with (i suspect the lib files haven't changed since vista).

      1 Reply Last reply Reply Quote 1
      • johnyma22
        johnyma22 NFC Ring Team last edited by

        @maz_net_au The thing we're missing here is the ability to have NFC events fire while the user is logged in IE..

        User uses ring to log in
        (optional) User puts ring back over NFC Reader to Log out

        This requires a different "service" than the implementation we currently have :)

        Make sense?

        M 1 Reply Last reply Reply Quote 1
        • M
          maz_net_au @johnyma22 last edited by

          @johnyma22
          I was actually working on exactly that. I've made a .net wrapper for the PCSC calls that let me talk to the reader but that basically leaves the me the option of polling the reader for info.

          Anyone got more info? anyone else looked into it?

          1 Reply Last reply Reply Quote 0
          • M
            maz_net_au last edited by

            Alrighty.. So I just found a bug.. and if I can get back into my PC I'll fix it. But until then, please don't use my code unless you really know what you're doing :)

            1 Reply Last reply Reply Quote 0
            • M
              maz_net_au last edited by

              In terms of making a registration app to go with that, to use the windows encryption for the password I need to run it as the same current context. As far as I can tell that means I need to be running as the same user that the LogonUI and CredUI run as (which I think is LocalSystem). Otherwise I have to implement my own (AES128 or something) and then still send the password to windows in plaintext.
              I'll have a look at it after work.

              1 Reply Last reply Reply Quote 0
              • M
                maz_net_au last edited by

                I haven't forgotten this. working on a windows service that will also let me lock the machine with a ring swipe as well. hopefully that'll give me the correct security context to call CredProtect from otherwise i'll have to abandon that idea and roll my own symmetric encryption of some kind.
                Maz

                1 Reply Last reply Reply Quote 0
                • M
                  maz_net_au last edited by

                  Goddamn it. no matter what i do, i cant get the registration app to run CredProtect in the same security context as the LSA service on windows. Time for a new plan.

                  1 Reply Last reply Reply Quote 1
                  • C
                    chadg last edited by

                    Any movement on this? @maz_net_au

                    Looks like you've got it pretty much figured out.. would love to incorporate it into my workflow.

                    M 1 Reply Last reply Reply Quote 0
                    • M
                      maz_net_au @chadg last edited by

                      @chadg
                      There absolutely is progress happening with this. I'm putting updates in another thread https://forum.nfcring.com/topic/724/project-an-extensible-plugin-based-windows-service-that-performs-actions-for-nfc-events/38
                      and the code is all on John's github https://github.com/mclear/Sesame

                      1 Reply Last reply Reply Quote 1
                      • Maxime C.
                        Maxime C. last edited by Maxime C.

                        I'm cross-posting with https://forum.nfcring.com/topic/683/nfc-reader-writer-for-windows/20 as this thread is about the same topic.

                        I'm Maxime from ISLOG and we just put John's advices in practice (he tried our RFID Logon solution months ago and wasn't completely pleased with it previous state).
                        ISLOG Logon is now available freely for personal use under ISLOG Logon NFC Community package.

                        You can download it here :
                        64-bit: http://download.islog.com/islog/4.0/NG/ISLOG Logon NFC Community-4.7.0708-x64.exe
                        32-bit: http://download.islog.com/islog/4.0/NG/ISLOG Logon NFC Community-4.7.0708-x86.exe

                        This is a first version for feedback, please be gentle :). No data encryption for now but it will come.

                        It unfortunately cannot be open-sourced because we have to re-architecture a lot the current codebase to do so (some modules are shared with our commercial product) which is too much investment for our small team right now. So except there is something like thousands of requests we will not do it, sorry. Small comfort, part of it is already open source like the RFID / NFC middleware https://github.com/islog/liblogicalaccess

                        EDIT: see https://forum.nfcring.com/topic/782/islog-logon-windows-nfc-login

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post