NFC Sesame - Login like a wizard

by John McLear

John McLear wants some feedback on this project. What do you like? What could be better? Anything missing?

Leave feedback
    1. Missing avatar

      Travis Baker on

      Would still love to see this... I keep my NFC ring on a chain as a necklace since I'm not crazy about wearing rings... That being said, I would use this on my PC no problem... Love it, wants it

    2. Jeff Flowers on

      Hi there, today being world password day - I'd like to intro myself. Hi, I'm Jeff and John asked if I could help out with the project, see about getting this going. I think that the project's aims are important and will positively impact a lot of users. I just started a new forum post (https://forum.nfcring.com/topic/760/sesame-input) and looking forward to the dialogue that develops.

    3. Missing avatar

      Ronnie Morgan on

      Would love to see an update on this. Is this project going to happen?

    4. Maz on

      RE: the linux comments. I'm in the process of trying to buy a new laptop right now and I'll be putting linux on my old one. So I am happy to also make a version of the software that works over there but because its not been my default OS, it'll probably take me a lot longer to work out the dev process. On the upside, the software shouldn't be hard to port once I understand how talking to an NFC reader and locking/unlocking works on Linux.
      Keen to see this project launch so that I can get some help with UI design and a nice wizard and installer package to make it easier for more people to use it.

    5. Missing avatar

      Jarod on

      Windows Hello Login with NFC ring would be awesome.

    6. Missing avatar

      Leo Edwards on

      I'd back it but I've not used Windows in years. Once I switched to Linux (Debian) I never looked back

    7. Lachlan Pollock on

      Definitely interest, Maz - It'll happen.

    8. Maz on

      I made the windows service that would lock the PC also. It also needs a lot of polish and stuff to make it ready for the public but the code problems are solved.
      Any interest in launching this kickstarter?

    9. Lachlan Pollock on

      Hooray! :-)

    10. John McLear 2-time creator on

      t-shirts removed, REJOICE :)

    11. John McLear 2-time creator on

      +1 dropping t-shirts :P

    12. Lachlan Pollock on

      Awesome, thanks for the feedback and crazy coding, Maz!

    13. Maz on

      So I just posted a working proof of concept and all the code to github under an MIT license that implements a custom credential provider in windows that listens for a hardware event off a generic PC/SC device ACR122U and uses the details of it for authentication.
      I'll pledge for reader + stickers and I'm happy to contribute to the software beyond what I've already done.

      FWIW i think the pledge levels are pretty good and sensible. I think it's important to keep the GBP 10 pledge level because some of us have already bought an ACR122 and don't need more (I can always use more). If anything i'd be inclined to drop t-shirts.

    14. John McLear 2-time creator on

      @Mark can you suggest a use case please?

    15. Missing avatar

      Mark Reith on

      How about a compiled ocx to allow further integration with other apps\password managers

    16. Chris Allen on

      @Andreas Cheers, apparently I misread that line!

    17. John McLear 2-time creator on

      +1 Andreas

    18. Andreas on

      @Chris this project won't be taking away the standard lock screen, as it is working with APIs for windows.

    19. John McLear 2-time creator on

      @Charles Good shout! DONE :)

    20. Missing avatar

      Charles Terch on

      I would love to see this come to life and would defiantly back it.
      I backed the NFC Ring and am wondering if there will be a level with just the reader and software without the stickers.

    21. Chris Allen on

      I would definitely support this.
      While I have started setting up something similar for myself a production quality solution would be amazing!
      The only concern I would have is with the removal of the standard lock screen but hopefully the stretch goal will mean this wont be an issue.

    22. Tenko on

      ah!!! Gotcha!!! :D

    23. John McLear 2-time creator on

      Tenko well the NFC enabled stickers are "NFC Ring" stickers :P

    24. Tenko on

      Also, at the 30 pound level, it says "2 NFC Ring NFC enabled stickers and an NFC reader...". Shouldn't it be "2 NFC enabled stickers and an NFC reader..."

    25. Tenko on

      NFC Ring Mouse... now I'd really like to see it!!!

    26. John McLear 2-time creator on

      @Mats Biometrics don't provide any method to reset or change a password and also have a relatively high false positive rate, for that reason I don't think biometrics is within the scope of this security solution.

      @sglla Agreed :) Actually a "NFC Ring Mouse" is something we have prototypes of but it's a fair amount of work and a lot of Windows users will have gaming mice and wont want to change! I'm one of those people FWIW ;) I will do a video at some point about my work on that but it's only really a weekend project for me. If we could make it within the scope of this project that would be AMAZING but we'd need someone who was willing to do mice on a piece by piece basis based on a backer sending a mouse in to be modded...

    27. Missing avatar

      sgllama on

      I'd hope that a project like this wouldn't drift too far into areas such as fingerprint scanners: doing that just opens the door for the bane of software: continual feature creep that pushes out the effort required and delays delivery. Plus the real risk that building in such features into the earliest versions causes them to be baked into the logic so that you end up with software that *requires* the extra hardware features, which then makes it useless for anyone who doesn't use that specific reader box.

      If you want to allow for the possible use of other readers - fingerprint, smartcard - then certainly structure the software so that it can be extended but not so that it has to be.

      FWIW as soon as I saw this project I started wondering if someone better at PCB design than me could produce an NFC reader (sans fingerprint reader!) tucked into a mouse, so that one could just sit down, wiggle the mouse to "dismiss the screen saver" and go, without anyone else being able to do the same. Probably some good reason that can't be made to work...

    28. Missing avatar

      Mats Thell
      Superbacker
      on

      Like this new project and will back you up, but I would like to see an fingerprint scanner integrated into the device/solution, and perhaps the old smart card reader.
      Is that possible today or for the next generation ?

    29. John McLear 2-time creator on

      @spamcop Did you read the campaign? :P
      @Braden Yea the hardware matching on the NFC Express leaves a fair amount to be desired ;)

    30. Missing avatar

      Braden Nida on

      ASUS made a device that was a USB 3.0 hub (NFC Express) with NFC login support but it only works for a limited few of the ASUS motherboards. If you made this project if love to see it have USB A and C ports on it as well as being able to put your phone on it for NFC atuhtnticated Bluetooth file transfer support. Or whatevez

    31. Missing avatar

      spamcop on

      if there is not similar support via NFC as yubikey NEO, then this is waporware i think. You need to support TOTP and secure element and also support for linux is essential. basically there needs to be smartcard in ring... then it would be awesome

    32. NialP
      Superbacker
      on

      Awesome project John, I would be in along with a few other people I know. It takes setting all the software and hardware for a Windows unlock system away from me an into the hands of someone who knows what they are doing. Go for it!

    33. John McLear 2-time creator on

      @D Nuk'em - We searched for them and found none, which ones are you referring to specifically?
      @Joseph it is :)
      @Tenko Probably the ACR 122 but we haven't settled on this yet.
      @Bart I specifically cover linux in great detail.
      @Kelden We wont be doing AD support during this campaign.
      @Travis yeah the video is temporary, we will do a more commercially accessible video before launch
      @Javed I hear your point, we are doing other things too :)
      @Nicholas: Emulating a keyboard for password entry is something I tried and decided was bad practice, you can see our solution (inc source code) and my explanation here: https://forum.nfcring.com/topic/691/nfc-ring-logger-tutorial-with-a-keyduino

    34. Nicholas A. Hauenstein on

      I'm actually working on something similar. It's a microcontroller based HID that uses a PN532 to read an NDEF text message off a tag and simply type that in via bit banging. That way it can work cross-platform. Will have a switch to enable/disable pressing RETURN after entry. Also looking to add a hardware random generator that can write a new key to a tag.

    35. Javed1975@hotmail.com on

      To be honest I think you should take s bigger leap like incorporating it into like a universal proximity tag for house alarms and home automation

    36. Lachlan Pollock on

      There are some really good points being brought up here in feedback!

      The main aim of this will be to provide a number of reward levels, including one that you can pledge for to get a complete single computer solution where once the software is complete you'll be able to install, connect your pledged reader and/or ring, run the setup and go.

      One of the reward levels is bundling a recommended reader in with the software, another level is for an NFC Ring as well - The reader we're currently playing with that has the best results is the ARC122 which is readily available online.
      The beauty of this being open source is that even though the 2FA/MFA is set out as a stretch goal it can still be written in later by the community and added to the main fork as an option.

      Anyone who is interested can join #nfcring on freenode and have a chat about it - we might not reply instantly but if you idle a while you'll get an answer.

    37. Missing avatar

      Dallin Bastian on

      I'm imagining myself using an NFC enabled keyboard and NFC Ring combination which authenticates nearly simultaneously as I enter an eight digit pin as a MFA solution. This whole thing is brilliant, but I believe it only makes sense to me as MFA. Consumer Windows authentication is a joke unless something like this makes it more robust. I will pledge.

    38. Travis Good on

      Too geeky a pitch for the mainstream. Not that this is for your average Joe to back but we non-security geeks need to know the rest of the solution. Backing a software initiative is fine but I'd want to know that the short path to a complete solution includes a recommended NFC reader. I have the ring. I back the software. I buy the reader. I'm set. This needs to be the promise of this campaign.

    39. Missing avatar

      Ronnie Morgan on

      I would do it at the 30 pound level. And I would be tempted if there were a 2 NFC Reader option. I think it's a great idea, and it would be something I could depend on and trust.

    40. Missing avatar

      Kelden on

      Add another stretch goal for active directory support. Would be great to login to our servers only with tag and password.

    41. Bart Blommaerts on

      How about Mac and Linux? Both could be tackled in one go since they both use Portable Authentication Modules.
      The NFC reader would ofcourse need to have a kernel module. Preferably one that's already in there.

    42. Dean on

      I'd be interested in this for sure, I'd be interested in a pledge point for 2 NFC Readers as an option as well (already have a couple of tags and rings 2013 and 2015 editions). Just to cover my pc in the workshop as well as the one inside the house!

    43. Joseph Farthing on

      A good reward would be to bundle a compatible reader... Unless that's mentioned somewhere and I missed it...?

    44. D Nuk'em on

      This seems super similar to open source projects that are available all over the internet. What's the USP of this project?

    45. Max Ocklind on

      I was already planning to do this with my Keyduino when it arrives, but I guess this project will be popular with the common techie. :)

    46. Tenko on

      For tiers that we get an NFC reader, which one are you providing?

    47. John McLear 2-time creator on

      @Loic: Updated to add that info
      @Johan: Linux may be at some point!
      @Engarde: Well we're pretty confident at delivering around that date
      @Laszlo: Updated content to explain that :)
      @David: It's an extension so that should make you super happy! :)

    48. Missing avatar

      Loic Burtin on

      Does stretch goal 30k mean that we can run custom actions (js, vbs, macro or whatever) when a NFC tag is scanned while logged in ? That'd bring unlimited possibilities to the software.

    49. Missing avatar

      Johan Binard on

      I'm waiting for this project since I bought my NFC ring after the first kickstarter campain. I will definitly take it back from my drawer when the software will be ready. Make it also work for Linux and I will be a happy man :)

    50. Missing avatar

      Loic Burtin on

      This would make my life much easier at work and at home, I'd love to see this project come to life.

Show older comments

No feedback yet! Be the first to leave feedback

This is not a live project. This is a draft shared by John McLear for feedback.

Note that all projects must comply with the Kickstarter Rules to launch. John McLear may disable this link at any time.

Project image
)}
£0
pledged of £ 10,000pledged of £ 10,000 goal
0
backers
30days to go

Back this project

Share
Tweet
Mail
Embed
此專案不在進行中。
這僅僅是發起人選擇分享的草稿。
£0
pledged of £ 10,000pledged of £ 10,000 goal
0
backers
30days to go

Back this project

Share
Tweet
Mail
Embed
此專案不在進行中。
這僅僅是發起人選擇分享的草稿。

About

Login to your Windows Desktop machine using any NFC Reader and NFC Device (Such as an NFC Ring)

Demo video of the software in action

 project video thumbnail
Replay with sound
Play with
sound
  • Off
    • English

What will this software do?

Use an NFC device (such as NFC Ring) to interact with an NFC Reader (Such as an ACR122 USB NFC Reader) to login to Microsoft Windows (7,8,10).

Why would I want this?

This will make it super simple to login and unlock to your PC with just the wave of a hand.

Doesn't this already exist?

Current login software for Microsoft Windows has, but isn't limited to, the following issues:
  • Ridiculously Expensive
  • Requires specific NFC hardware (such as Asus NFC Express)
  • Buggy
  • Closed source
  • Designed for the enterprise (Requires Active Directory)
  • Not flexible

How will we do it better?

I think we can make better software that will:

  • Be Free (as in freedom)
  • Be Open Source (Apache 2 license)
  • Work with any NFC Reader hardware
  • Designed for home users
  • Work with any NFC Tag (not just NFC Rings)

What is the NFC Sesame Reader hardware stretch goal?  

We're able to ship an ACR122. This reader is great but it hasn't been designed or tuned to work specifically with NFC Rings so user experience will vary. If we reach the NFC Sesame Reader hardware stretch goal we will be able to ship each backer (who backed the hardware pledge level) a specially designed NFC Reader that looks great and matches beautifully with both the 2013 and 2016 NFC Rings and is based on the Omnikey 6321 NFC Reader.

How will we spend the money?

To have a minimum viable software product, we need in total about ~£10k+ to make this project a reality. The cost of developing the software is ~£5k and the cost of managing the project is ~£2k. Our lead .net developer subcontracts to us for $60 per hour

Stickers are manufactured in Shenzhen, China.

What language will the software be written in?

We will be using the .Net (dot NET) platform/framework, because that is the best option for integrating with the core Windows functions, due to the availability of native API's. Once the software is completed it will be possible for our community to maintain and support the software. All code will be up on Github.

Will we support other operating systems?

The scope of this project is purely for Microsoft Windows 7, 8, 10 (home, pro editions etc). Nothing is stopping us from making software for Linux, however, due to the nature of Microsoft Windows Credential Provider, it makes absolutely no sense to share the code base for other operating systems that aren't Windows.

Why not just make the software and sell it?

It's 2015, that outdated licensing model stinks and doesn't give you the freedom you deserve. We're crowdfunding because it gives you control over the software you use, the way it should be. We do however recognize the irony of building open source login software for a closed source operating system.

Stretch goals

  • £15k - Support multiple user accounts
  • £20k - Use NDEF records for additional Security
  • £25k - Change login icon image
  • £30k - Events on Ring leave / enter NFC while logged in
  • £35k - Second factor authentication (Password is one factor, NFC Tag is second)
  • £37k - i18n / Internationalization / Translations
  • £40k - Sesame USB reader

How secure is this solution?

Realistically ISO14443 UIDs are not a secure authentication method. However due to the physical design of the NFC Ring it's a relatively secure solution. This solution is more about convenience over security.  Optional security can be included / added to after the fact(see stretch goals)

Can I trust you?

Of course.  We have successfully delivered multiple Kickstarter projects in the past, and have been completely transparent throughout the entire process. We worked with Google to integrate NFC features into Android. We made the worlds first NFC Ring and the Worlds First Payment ring. We have a pretty decent track record and enjoy playing fair with other companies in the space. We hang out on IRC (Freenode) at #nfcring, and at the NFC Ring forum.  The project creator John is a prolific open source software project contributor and maintainer, he has over 10 years experience in maintaining and developing software and services.

Can I still use the Windows Login Screen and have NFC as an additional form factor of authentication?

See the "Second factor authentication" stretch goal.

Is replacing the Lock Screen on Windows a good idea?

We don't replace the Lock Screen.  We're still using the Native APIs and security methods.

What does "Events on Ring leave / enter NFC while logged in" entail?

Our current scope allows for pre-defined events such as lock, logout but there is nothing stopping us to extending that allow custom third party scripts.  This additional functionality could be added as an additional stretch goal should we reach this point.

What readers will this work with?

Any device that shows up as a Smart Card Reader in Windows Device Manager.  Arduino based devices would need custom bootloader installed for this functionality.

Why should I even pledge if I can just get the software for free anyway?

Without us hitting the funding goals we won't be able to make the software. If you can't afford to pledge, don't, you will still get the software no problem at all. If you can, that's awesome and we appreciate the support! Open source projects can be supported in many other ways though, here are some examples:

  • Spread the word and tell others about the project
  • Help write documentation
  • Contribute source code
  • Suggest features
  • Report bugs

How far in are we?

We already have initial agreements in place with the developer who has written similar software. We have exhaustively tested other applications and methods. We have created documentation and wireframes.

We also have a community-donated effort by Maz who has created a very solid login solution that just requires a little bit of polish to be immediately usable, and we will be able to build further upon this base to give it end-user polish and any further features from the stretch goals.

When could we expect to see this software?

This is only a small project so it will only take a few months to go from funding through to the first binary however during development you will be able to build your own package.

Seriously John, no Linux support?

Linux is what I use on the majority of my devices, I don't hide that and I totally get that the majority of our backers want to see us promoting and supporting open source.  However, because some software I have to use (such as the software used for 3D modelling antennas) only runs on Microsoft Windows I have to use Windows.  I feel a lot of people are in similar positions..  So why not just do Linux at the same time?  Well Linux already has pretty decent community driven efforts in this area, we'd be standing on a lot of toes and providing no notable real value to the project.  Linux also has a lot of distro's we need to dev for, we could just focus efforts on the notable BSD and Debby based distros but each has it's quirks and you can't guarantee a specific desktop etc.  So while we are huge Linux promoters, this project at this time is right for our Microsoft community and hopefully once we have enough traction and a mature enough UX we can take that experience over to our preferred home.

I want to pledge for multiple pledge levels, how do I do this?

Ask a friend to pledge on your behalf.

Risks and challenges

Contract software development has a fair amount of risks. Our developer has a good background in this type of project development and is confident he can deliver. We have a contract with him that protects us.

Delivering NFC Readers, stickers and rings should be easily dealt with as we have ample experience in delivering hardware from Kickstarter projects.

Learn about accountability on Kickstarter
Questions about this project? Check out the FAQ

Support

  1. Select this reward

    Pledge £5 or more About $7

    Showing my support

    Just want this software to exist? Happy to oblige! You will still be able to download the software when it's ready.

    Less
    Estimated delivery
    0 backers
    £

    By pledging you agree to Kickstarter's Terms of Use, Privacy Policy, and Cookie Policy.

    Kickstarter is not a store.

    It's a way to bring creative projects to life.

    Learn more about accountability.
  2. Select this reward

    Pledge £8 or more About $10

    THE SOLID BACKER
    The software and listed(optional) in the official about page (or in a separate md file on GitHub), as a contributor / backer.

    Less
    Estimated delivery
    0 backers
    £

    By pledging you agree to Kickstarter's Terms of Use, Privacy Policy, and Cookie Policy.

    Kickstarter is not a store.

    It's a way to bring creative projects to life.

    Learn more about accountability.
  3. Select this reward

    Pledge £10 or more About $13

    JUST STICKERS
    The software & get's you a few NFC Ring NFC Stickers

    Less
    Estimated delivery
    Ships to Anywhere in the world
    0 backers
    £

    By pledging you agree to Kickstarter's Terms of Use, Privacy Policy, and Cookie Policy.

    Kickstarter is not a store.

    It's a way to bring creative projects to life.

    Learn more about accountability.
  4. Select this reward

    Pledge £30 or more About $37

    THE READER
    The software and an NFC reader (see reader stretch goal info)

    Less
    Estimated delivery
    Ships to Anywhere in the world
    0 backers
    £

    By pledging you agree to Kickstarter's Terms of Use, Privacy Policy, and Cookie Policy.

    Kickstarter is not a store.

    It's a way to bring creative projects to life.

    Learn more about accountability.
  5. Select this reward

    Pledge £35 or more About $43

    THE STICKY READER
    The software, 2 NFC Ring NFC enabled stickers and an NFC reader (see reader stretch goal info)

    Less
    Estimated delivery
    Ships to Anywhere in the world
    0 backers
    £

    By pledging you agree to Kickstarter's Terms of Use, Privacy Policy, and Cookie Policy.

    Kickstarter is not a store.

    It's a way to bring creative projects to life.

    Learn more about accountability.
  6. Select this reward

    Pledge £60 or more About $74

    THE KIT
    The software, 2 NFC Ring NFC enabled stickers, an NFC reader (see reader stretch goal info) & an NFC Ring

    Less
    Estimated delivery
    Ships to Anywhere in the world
    0 backers
    £

    By pledging you agree to Kickstarter's Terms of Use, Privacy Policy, and Cookie Policy.

    Kickstarter is not a store.

    It's a way to bring creative projects to life.

    Learn more about accountability.
  7. Select this reward

    Pledge £100 or more About $123

    TITANIUM PROJECT SPONSOR
    Your name / company name / logo listed on the KS page and in the README.

    Includes One NFC Ring, an NFC Reader and 2 NFC Ring Stickers.

    Less
    Estimated delivery
    Ships to Anywhere in the world
    0 backers
    £

    By pledging you agree to Kickstarter's Terms of Use, Privacy Policy, and Cookie Policy.

    Kickstarter is not a store.

    It's a way to bring creative projects to life.

    Learn more about accountability.
  8. Select this reward

    Pledge £200 or more About $246

    CERAMIC PROJECT SPONSOR
    Your name / company name / logo listed on the KS page and in the README.

    Includes One NFC Ring, an NFC Reader and 2 NFC Ring Stickers.

    Less
    Estimated delivery
    Ships to Anywhere in the world
    0 backers
    £

    By pledging you agree to Kickstarter's Terms of Use, Privacy Policy, and Cookie Policy.

    Kickstarter is not a store.

    It's a way to bring creative projects to life.

    Learn more about accountability.
  9. Select this reward

    Pledge £300 or more About $369

    PALLADIUM PROJECT SPONSOR
    Your name / company name / logo listed on the KS page and in the README.

    Includes One NFC Ring, an NFC Reader and 2 NFC Ring Stickers.

    Less
    Estimated delivery
    Ships to Anywhere in the world
    0 backers
    £

    By pledging you agree to Kickstarter's Terms of Use, Privacy Policy, and Cookie Policy.

    Kickstarter is not a store.

    It's a way to bring creative projects to life.

    Learn more about accountability.