Security Tip: Better passwords with a CueCat (Windows)
CueCats are barcode scanners that were given away by Digital Convergence in the late 1990s. They were designed as a way for consumers to scan barcodes from magazines and other media and be directed to a website with more information on the product or service they scanned. The scans were encrypted to prevent law suits based on the DMCA (Digital Millennium Copyright Act) of 1998. However they are still useful today as a low cost barcode scanning solution with a little hardware modification and or some free software known as CatNip which bypasses the encryption. The nice thing about these devices is that they type any scan into any field and press enter which makes them perfect for passwords. In this article I am going to show you how to take your modified or unmodified CueCat and use it to login to your computer via passwords encoded into barcode format.
What you will need.
1. A CueCat USB or PS2 will work.
2. A barcode (You can use one from an existing rewards card or make your own here)
3. An account to test it on before using this as your form of authentication.
Start by connecting your CueCat to the PS2 or USB port for use if you are using PS2 you may need to restart your machine before you can use it. Install and run the CatNip software so the scans are not encrypted by the CueCat hardware. You may want to remove the encryption device from your CueCat known as de-clawing or neutering the CueCat. If so you can find articles on Google on how to do it. For this article I am just going to use the free CatNip software.
Prepare your barcode either by using one you already have (like your blockbuster card) or making a new one with any secure password you like using this free barcode generator web application. Next in windows create a new user name it test or something for testing your new authentication tool. DO NOT USE this for your primary Administrator Account. If the CueCat fails to scan you may render your machine useless and have to either use a password recovery tool or worse reformat your system (you have been warned). When Windows prompts for a password click the password field to place your cursor inside it and scan your barcode then repeat for the confirm password field. Log out of Windows and sign in your new test account only when it asks for the password make sure your cursor is in the password field and scan away. The CueCat will type the barcode data into the password field and press enter for you. If everything goes as planned you will log on to your new account.
After you have done several successful test logins you can apply it to your main account and delete the test account. Remember to make a copy of your barcode for safe keeping in case you lose your card or it becomes unreadable and make sure they both work. This method will allow you to have passwords that would otherwise be extremely hard to remember and overall more secure. It is also important to point out that the CueCat is not the most accurate reader available and sometimes you may have to scan the barcode several times before getting a good scan but hey they are like $10. If you plan to use this method for a commercial environment I recommend getting a commercial scanner for the job. Have fun and try not to lock yourself out of your workstation.