Hotel door tech provider moves to crack down on lock hacker

An electronic hotel lock provider has issued a series of fixes to its technology after a cheeky developer used a major conference to demonstrate a hack to open doors.

Onity was forced to react after Mozilla software developer Cody Brocious used the Black Hat security conference to outline how he could open hotel doors a simple open-source device.

Brocious used a piece of technology costing around $50 which he adapted so that he could attach the device to the underside of an Onity hotel lock.

According to The Register, Brodious’s device was only able to work because of two parallel issues with Onity locks: “The ability to read memory locations on vulnerable electro-mechanical locks and flawed cryptography in the key cards system itself.”

After initially dismissing the hack as “unreliable”, Onity has now issued details to potentially nervous hoteliers for how to prevent the hack from hitting their own properties.

The fix comes in two forms:

A “mechanical cap” which can be inserted in the programmable plug of the existing Onity locks, effectively blocking the physical access.

The second options is likely to anger hoteliers (who have found themselves at the mercy of recent developments, both security-wise and now financially) involves replacing the control mechanism and firmware for both the HT and Advance series locks that Onity produces.

The company says:

“For locks that have upgradable control boards, there may be a nominal fee. Shipping, handling and labor costs to install these boards will be the responsibility of the property owner.”

Expect this to run and run.

NB: Electronic hotel door lock image via Shutterstock.

Share on FacebookTweet about this on TwitterShare on LinkedInEmail to someone
Kevin May

About the Writer :: Kevin May

Kevin May was a co-founder and member of the editorial team from September 2009 to June 2017.



Your email address will not be published. Required fields are marked *

  1. Andrew Sanders

    This security breach affecting millions of hotel rooms has finally been addressed thanks to the power of smartphones –

    White paper on the subject will be available soon via

  2. Jane

    Nice. The company’s code has a flaw that puts both hotel operators and their guests at risk, but hotels have to jimmy the locks or have to pay to upgrade the hardware to protect themselves.

    Onity competitors VingSafe and SafLok should be paying attention – might be a good time to find new customers!


Newsletter Subscription

Please subscribe now to Tnooz’s FREE daily newsletter.

This lively package of news and information from Tnooz’s web site provides a convenient digest of what’s happening in technology that drives the global travel, tourism and hospitality market.

  • Cancel