Can a lock picker slowly undermine the security of a deadbolt door?

Question

I have a space for computers secured with a simple deadbolt. Someone keeps coming to pick the lock. While working there, I have scared them away three times.

There are cameras, but not in useful places or all exits and the building manager won't let me run wires for more. I contacted the police, but maybe it is a low priority for them.

With each subsequent visit, does a lock picker gain further progress in undermining the door's ability to keep out? Could they be doing something to the door each time that is getting them closer to being able to open the lock really quickly? Is there anything I can do to stop their ability to pick the lock?

Answer 1

The answer to your question is yes, though whether this will ever actually help them is dependent on the lock and their 'skill'.

With a typical (cylinder?) deadbolt repeated attempts can advance an impressioning attack with a key blank (see tylerl's answer for more detail), if using picking tools the extra visits will improve the feel for the lock and in theory will make the time to pick it quicker, though it should be noted that someone proficient at picking locks is unlikely to need multiple attempts against a simple deadbolt lock.

Lever tumbler locks, as used in some mortise locks, are more time consuming to pick, so fitting one of these (at least 5 levers is generally accepted as necessary) might be a good option. Multiple attempts against this type of lock is likely necessary to develop a successful attack against it so it will give you more opportunities to catch someone.

Restricting access to the lock so that it is more difficult to use lock-picking tools may be effective depending on the lock and installation, generally speaking a key needs less space to operate than lock-picking tools.

But if someone is determined it does not matter what lock you fit, with time and patience any lock can be defeated (eventually)...

Depending on the building layout the door could be bolted from the inside out of hours, so that the only entrances available to the attacker are ones that are covered by the existing camera installation.

It a mortise lock does not discourage them and you cannot bolt from the inside, the refusal to install an additional camera is an implied acceptance of the risk by the building manager - provided that person is authorised to accept the risk there is little more that can be done.

And to add, since this is an information security site, the computers that are behind this potentially insecure door, which is subject to a an observed threat should:

• Have strong passwords configured (including BIOS) and never be left logged in;
• Disable USB interfaces etc to prevent introduction of malware;
• Be configured with full disk encryption so that if the attacker gets in and steals any machines they are of hardware value only;
• Store all your backups and removable media somewhere else;
• Conduct daily checks to make sure unauthorised hardware has not been installed (packet sniffers, key loggers etc).

Answer 2

Yes, there's a classic attack that involves incremental access.

The attacker starts out with a blank key that fits into the lock in question.

The attacker approaches the door, puts the key in, jiggles the key a bit, grumbles something about how the office numbers changing, and leaves.

Then in private he examines the impression pattern on the key. Where there's evidence that the pins were bound, he files the key down a bit. Every day he visits the door with his increasingly-filed-down key, and every day he progressively files it down a bit more, using the impression pattern in the key as his guide.

Then, one day, he'll have filed the key to match all of the pins, and the door will open.

This attack has the advantage that it doesn't look like an attack. It just looks like a lost tenant who briefly visits the wrong door, and then leaves once he's realized his mistake. And when he's done, he'll have a working key.

Answer 3

You choice of lock matters a surprising amount.

There exist locks which have not been defeated through "covert" mechanisms (picking, pick guns, etc.) in the open literature. Abloy's disc detainer locks, and one other type (I think it was a plastic lock from a subsidiary of Kaba?) are two such locks. Replacing the lock may be a suitable recourse, if you're willing to splash out a fair bit per-lock.

Some locks which have not yet been picked in the open literature are simple to defeat -- but it's extremely noticeable. It sounds to me that this isn't suitable for you. Good disc detainer locks are known for being hard to compromise in a short time.

To even think about picking a decent disc detainer lock, you need something beyond the bog-standard torsion wrench & hook.

Other than that, there's a huge range of questions to ask.

Why is the person picking the door lock? Is this an outer door on your premises, or is this the lock to the data centre? If so, how did they get so far in? Why isn't the attacker smashing the door in? Could they have already breached the premises, and be attempting to recover something (e.g. keylogger, packet sniffer, etc.)? How good's your alarm system inside the door? Is it set when you leave? How fast do your security team react when this alarm goes? Can the attacker be in and out prior to apprehension? Have you tested this? Are there any other entry points which could be a risk? Since your threat model clearly involves people willing to pick locks, you need to consider things like lifting suspended ceiling tiles and going over doors and the like. Can you set up to get a positive identification of the attacker, assuming it's the same one each time? Can you set an alarm on the place where the attacker is trying to attack from -- that is, detect them before they reach the door? If it's a data centre, is the hardware in locked cages, or "open"? Can you put multiple locks on the door (e.g. a lever-tumbler with relocking mechanism along side a pin-tumbler lock, or other more "difficult" lock -- sidebars seem to be popular, but be careful, some are known as regional sidebars, and can be considered as "public knowledge" to some degree)

For the most part, your security system seems to be working. You know how long your response takes, you've notified local law enforcement, the lock is holding up long enough for you to respond adequately.

If you repeatedly pick a lock, it often does get easier, as you begin to get a feel for that particular lock (e.g. for a pin-tumbler, you might note that pin 1 sets first, then pin 4. Pin 3 is a security pin) etc. so you can get faster at a particular lock, but it is heavily dependent on the lock type & skill level of the attacker. As such, you will want to start getting a positive identification of this attack and denying them access to the lock, or getting them thrown in jail. If this is not an option, you may be stuck changing or re-pinning the lock periodically (e.g. after X detected attempts, select X wisely), which is costly.

A slightly more expensive lock with a re-locking mechanism might be good deterrent. Chubb-style lever locks are cheap in comparison to good disc detainers, and often alert you to the fact someone tried to pick it when you next try to unlock it, as their re-locker mechanism will have triggered, and the lock won't open without a special key.

If you do go down the line of (something like) a disc detainer lock, do you research. Many of the knock-off, cheap versions of the disc detainer lock are susceptible to attacks which are both quick and simple. Further, they don't hold up well to physical attacks (drilling is the primary mechanism for door-mounted locks).

Speak to a qualified locksmith, a good one should be quite knowledgeable about this, and should be able to help you make a suitable choice of lock.

Answer 4

As a former locksmith, I can provide a qualified "no" for you. It is not possible to incrementally pick a lock, especially if it is a standard pin-tumbler variety deadbolt (Kwikset, Schlage, Baldwin, etc.).

One thing you can do to assure that the lock is 'reset' is to stick the key in it, then removed it - turning it isn't necessary. This will force any stuck pins to be reset to their default position. They would only become stuck if the lock is worn or is particularly shoddy anyway. Either way, it's very unlikely.

To address another person's comment, mortise locks tend to use the same type of pin-tumbler mechanics, and while their higher precision manufacturing and mushroom shaped top-pins can make it more difficult to pick, they operate using the same principle as the lower-end deadbolts you can buy and any hardware store, and can be bypassed by a well-practiced lock picker.

It's entirely possible to buy a higher-end lock that will thwart most picking attempts. Medeco, Assa, and some other manufacturers make them. If you install one of those, your main concern becomes thwarting a forced entry, not lock picking.

Answer 5

Your deadbolt's security does not seem nearly as important as the lack of monitoring on the door. Even the most braindead criminal will eventually realise the value of a bolt cutter, at which point the whole discussion becomes moot.

If a particular layer of your security (usually the outer-most) is vulnerable when you can't afford for it to be you have two options: deter an attacker from attempting an attack on it or add another layer.

Answer 6

Yes. Continuing attempts at a lock do increase a lockpicker's chances of actually picking it. With each try they get a better feel for for how to place the anchors and rakes.

If you're looking to deter the intruder you can set up a current with maybe 3 or more D cell batteries and (be careful about how many you use, you don't want to seriously injure anyone) run it through the lock, you can add plastic or fiberglass to the end of your key to keep it from affecting you and a switch inside the room for ease of disarming.