Sign up to our newsletter
The latest security news direct to your inbox
A new app lets you unlock Mac computers without entering a password – users simply tap on a paired iPhone with the Knock app when near the Mac, and it opens up.
It’s makers claims that it is “faster and safer than typing a password. You never have to open the app— just knock on your phone twice, even when it’s in your pocket, and you’re in.”
The system is also more secure than it sounds, according to GigaOM’s report – a Mac with the corresponding Knock app for OS X won’t open for any old iPhone with Knock installed, it has to be the one it’s paired with.
“Since presumably you always have your phone with you, Knock adds an extra element of security: the “something you have” authentication aspect,” says GigaOM.
Knock is available via the app store now for $3.99. It uses Bluetooth Low Energy, so it won’t drain iPhone’s battery. CNET points out in its report that it is only compatible with a small range of computers – including 2011 MacBook Airs and Mac Minis or newer, MacBook Pros and Mac Pros from 2013.
The Verge tested the app and found it reliable, saying, “Despite occasional issues, Knock appears to work just fine, picking up on your presence as soon as you approach your computer. Knock also says that passwords are encrypted and won’t be transferred to any computer but yours.”
Many two-factor authentication security systems use smartphones – but rely on the user entering a password to gain access to an app, then using the password from the app to gain access to a computer or other software.
Several start-ups are trying to simplify this process – without using additional hardware such as biometric readers. Earlier this year, WeLiveSecurity reported on a system (currently in beta) where paired smartphones unlock PCs using sounds.
SlickLogin uses sounds inaudible to the human ear so smartphones and PCs can “talk” – once you hold your smartphone near the PC, the machine pllays a uniquely generated sound, and the SlickLogin app “hears” and deciphers it, sending a “green light” to the server that you are who you say you are.
The system uses GPS, Wi-Fi, NFC or QR codes to verify that the phone is nearby – and will “wake” the phone itself, rather than users having to launch an app.
The app’s three makers are former members of the Israeli Defense Force’s cyber security unit, and claim their method beats many current two-factor systems due to, “The seamlessness for the user. We’re also more cost effective, because we don’t require any new hardware.”
Author Rob Waugh, We Live Security