Gatekeeper Two-Factor Authentication review: Needs a consumer-grade overhaul

Securing your PC with greater than only a PIN or password is straightforward with Home windows Hi’s biometric logins; on the other hand, now not each and every PC has the hardware to make use of it and a few customers simply don’t wish to retailer their fingerprint or have their iris scanned through Home windows 10, it doesn’t matter what the privateness guarantees are.

Input the Gatekeeper Wi-fi Safety Key from Untethered Labs. This Bluetooth machine works as a one-touch login to your PCs, in addition to a password supervisor that still retail outlets your one-time password codes for two-factor authentication.

It sounds nice, however in my view this product simply isn’t in a position for customers. It was once at the beginning designed for enterprises, and as a substitute of enhancing it for the patron marketplace Untethered is providing the similar product to the lanyard-less lots. The outcome is that Gatekeeper has some trade-offs for house customers and simply isn’t a sensible instrument for most of the people. 

First, don’t mistake Gatekeeper as an alternative choice to units just like the Yubikey. Gatekeeper is extra restricted as a two-factor authentication machine because it does now not toughen FIDO2 one-touch logins for web sites. That can by no means alternate as Gatekeeper doesn’t retailer data the way in which one thing like Yubikey does. All essential data stays secured at the PC as a substitute.

The machine

gatekeeperdesktop1 IDG

The principle dashboard for the Gatekeeper consumer.

Gatekeeper has 3 number one elements: the Bluetooth key fob referred to as the Halberd, a low-profile USB Bluetooth sensor, and the Gatekeeper consumer tool. There’s additionally a password supervisor browser extension for Chrome and Firefox.

The Halberd runs on a CR2450, Three-volt battery, whilst the Bluetooth sensor is powered through the PC.

Gatekeeper manages logins by the use of the desktop tool, and setup is a relative snap. The only factor I’ve is that the desktop tool makes use of undertaking language that can be arduous for some folks to know. You might have to make a choice from a neighborhood or area  account, for instance. Both will paintings in response to our assessments, however native is the very best selection for many customers.

The remainder of the setup is a straightforward case of opting for a PIN and connecting the Halberd to the desktop tool. The Halberd can be utilized on a couple of PCs, although each and every will want a Bluetooth sensor.

As soon as that’s looked after you’re off to the races. Gatekeeper controls logins through growing what seems to be its personal person account at the Window 10 login display. I say “seems” since you gained’t discover a person account within the Settings app. Regardless, the result is visually the similar.

gatekeepersettings IDG

Modify Gatekeeper’s login necessities within the settings.

Gatekeeper permits for a number of other ways to log in, together with proximity detection with PIN, an automated login by the use of proximity detection, and a marginally login the place you should contact the Halberd to the Bluetooth sensor.

By means of default, the machine makes use of the proximity detection with PIN. The proximity is rather restricted, which avoids unintended unlocks when you have computerized logins enabled. When you get about 12 to 15 toes from the PC Gatekeeper locks down the system.

Gatekeeper is a a laugh option to log in this is extra Project Inconceivable than Microsoft Home windows, which is why it’s going to enchantment to a couple. The theory with the Halberd is to stay the fob on you always, thus fighting others from logging in to the PC with out the important thing fob.

The issue is that Gatekeeper doesn’t forestall someone from logging within the common manner by the use of your standard Home windows account. There’s a atmosphere to disable Home windows accounts within the Gatekeeper desktop app, or to require the Halberd along with the common Home windows login; on the other hand, those options are to be had simplest to undertaking shoppers. Possibly that’s a just right factor, as a result of when you ever misplaced the Halberd, or it was unusable, then you definately wouldn’t be capable to get into your PC. We requested Untethered Labs about this and a spokesperson mentioned, “The shopper model of the Gatekeeper utility is supposed to offer the important thing options of the undertaking resolution. Against this finish, now we have determined to stay the quite a lot of configurations to a minimal this is best to show off the Gatekeeper benefits.” 

General, the machine labored rather well. There have been the occasional oddities the place the proximity lock wouldn’t kick in whilst a full-screen recreation was once working and I walked clear of the PC. I additionally wouldn’t see the Gatekeeper login possibility now and again after a complete PC shutdown, which makes this product higher suited to those that go away their computer systems on always.

As a safety machine, on the other hand, Gatekeeper falls quick since you want an undertaking account to in reality forestall anyone from logging in on your PC with out the Halberd. This type of login, then, is little greater than a comfort for house customers.

The password supervisor

gatekeeperpasswordmanager IDG

The Gatekeeper password supervisor within the desktop consumer.

Gatekeeper’s password supervisor works in two techniques. The login data is saved at the desktop consumer, in addition to within the browser extension for Chrome and Firefox. All knowledge is encrypted the usage of AES-256 and you can not get right of entry to it with out the important thing fob provide. 

The password supervisor works merely sufficient. The browser extension gives to seize usernames and passwords as you log in to websites, and it autofills your login credentials as you want them. It doesn’t include further options that devoted password managers do, akin to record garage or notes. The password supervisor saves internet logins and not anything else.

It additionally doesn’t be capable to extract logins from the browser, nevertheless it does have an approach to export logins to a CSV document by the use of the “Recuperate Credentials” possibility on the backside of the Credentials menu pictured above. 

There have been some quirks with the password supervisor’s autofill function. It could behave oddly in Proton Mail, for instance, autofilling the username within the “To:” box of a brand new mail message. It could additionally throw within the username for PCWorld’s CMS login when managing articles within the internet interface. Some financial institution websites would additionally grasp with Gatekeeper lively within the browser.

gatekeeperbrowserextension IDG

Gatekeeper’s password supervisor browser extension.

Gatekeeper additionally wouldn’t reliably be offering to save lots of a brand new login the way in which 1Password or Dashlane would. It could do that now and again, however now not each and every time, that means you’d have to go into some new logins manually.

One great comfort with Gatekeeper’s password supervisor is that it additionally saves one-time password (OTP) secrets and techniques. This makes it imaginable to autofill passwords and two-factor authentication codes on the identical time. You want the Halberd within sight to make use of the password supervisor, so it doesn’t supply simple get right of entry to on your accounts except an attacker has get right of entry to to each the Halberd and your PC with the Gatekeeper utility put in.

The large factor with the Gatekeeper password supervisor for customers is that there’s no cloud element, that means your logins and OTP codes aren’t transferred between PCs. It additionally approach you’ll’t get right of entry to your passwords on a cellular machine. We requested Untethered Labs about this and the corporate mentioned, “Now not right now however it can be thought to be within the close to long term. We’re concentrating at the undertaking shoppers as a result of our function is to supply a complete get right of entry to control resolution for organizations.”

Pricing and the decision

The Gatekeeper Halberd machine prices $60 for the important thing fob, USB Bluetooth sensor, tool, and a lanyard. 

The Gatekeeper machine isn’t for everybody, as it’s now not actually a client machine. It lacks lots of the conveniences that buyers have come to be expecting akin to protected cloud garage for passwords as a way to have their knowledge to be had on a couple of units. The Halberd doesn’t use Home windows Hi, that means you should depend at the Gatekeeper consumer for logging in to Home windows. The corporate tells me the cause of that is that its options together with the automated PC lock don’t seem to be supported through Home windows Hi.

It could even be just right if Gatekeeper labored with FIDO2 as different Bluetooth and NFC units do, however that will not be imaginable because the Gatekeeper key doesn’t retailer knowledge.

In any case, I’m questioning who would in finding this machine actually usable that’s now not a part of an undertaking deployment. It could must be anyone who’s essentially or completely a  PC person (there’s additionally a Mac consumer), anyone who desires a one-touch login comfort for Home windows, and a restricted password supervisor inbuilt to their two-factor authentication machine. That, to me, turns out like an overly slender area of interest.

If, on the other hand, Untethered created a consumer-grade Halberd that introduced a extra full-featured password supervisor (or no less than one with cloud garage for multi-device get right of entry to), FIDO2 toughen, and integration with Home windows Hi (even supposing it approach shedding auto-lock), then we’d having one thing smartly value taking into account. Presently, it’s a slender target market that might have an interest on this as a client machine.

Be aware: Whilst you acquire one thing after clicking hyperlinks in our articles, we might earn a small fee. Learn our associate hyperlink coverage for extra main points.

Leave a Reply

Your email address will not be published. Required fields are marked *