“These locks are very secure.. they cannot be broken! Wanna take this one or the other?” said the receptionist at my local gym in a sloppy salesman attempt to an ‘alternative choice’ close. Well, I needed a lock anyway.
They did not seem to have key locks so I took a combination lock to simply slow down any attempt to access my locker. Luckily for me, the lock was not as secure as he had claimed, let me explain…
Knowing how to open your own locks can sometimes be far more useful than enabling you to see them as a tool for slowing down thieves by a couple more minutes. Here’s why.
Two weeks ago, I got stuck. I finish my training and I come back to my locker to realize that I forgot the lock combination. My room card is now inside the locker and so is my ID and credit card. My sore muscles were unable to support me in banging my head against the locker.
The only choice I seem to have now is to cry until the “I forgot my password” option shows up on the lock. Although the latter might seem like a reasonable strategy at first, I decided to act differently.
There isn’t much of a choice left, so I decide to try to open it…
Minutes later, I walk out not only having successfully retrieved my stuff but also having found a strategy to open that lock again even if blindfolded and in less than three minutes.
The exact method is described in Example 1. But before we begin, here is the principle you can use to open any digit combination lock. It is the one I used for the latter lock and also for the example shown in Example 2.
This principle is the binding force. And no this has nothing to do with Star Wars or any other augmented reality world. Here is how it works:
Apply a light and constant binding force as if you were to open the lock (by lifting the shackle for example). While maintaining this force, investigate the digits by rotating the disks and try to notice any differences, i.e.: range of movement for the shackle, clicking sound, rotating disks get stuck etc.
Still seems overly complicated? here are some examples with step by step instructions on how this could be implemented in two sample locks.
Example 1–3 digit lock in less than 4 trials
Here are the steps I used to unlock my Nutramino 3 digit lock:
Step 1 — Identifying the prospect numbers
Start with the rotating disk that is the closest to the shackle.
If you pull the shackle and try to rotate the disk it gets stuck. However the next disk seems to turn freely.
As shown in Figure 1. Assuming that disk 1 is the closest to the shackle, change the numbers on disk 1 and try to turn disk 2, until you find a number for which disk 2 gets stuck.
After finding a number for which disk 2 gets stuck note it down. This is a candidate number as it could be the one that corresponds to the correct combination. Keep going until you identify all the candidate numbers for disk 1. In the end, you will end up with four digits as shown in Figure 2.
The same strategy should be done for disk 2 to identify its candidates (by checking when disk 3 gets stuck). Disk 3 does not need any of that since by simply rotating it, the lock will open if you are on the correct combination. But this is still 4 x 4=16 possible choices. However, we can still reduce the number of possible trials as shown in step 2.
Step 2 — Lowering the number of trials
As shown in figure 3, the only candidates that need examination are 2 and 7 as they are the lowest candidates from each two close candidates (the set containing 2 and 4 is reduced to 2, and the one containing 7 and 9 is thus reduced to 7). This can be deduced only by checking the range of motion of the disk that gets stuck. This range of motion becomes smaller in the correct number. The number of trials is thus downsized to 4.
Step 3 — (optional) Even less trials
If 4 trials is still too much for you, note that one can actually find out that 2 is the correct number by checking the range of motion of the disk, the range of motion gets lower on number 2 than it is on 7 but it is hard to notice so in the worst case you will end up trying 4 combinations.
Example 2 — Opening a 4 digit bike lock in one trial
This is much much simpler than the latter. As you apply a force as if you are trying to open the lock, turn the disk that is the closest to the opening part until you hear a clicking sound. There is only one number where you will hear/feel the clicking. And as you might guess that number is the correct digit you need for your combination.
Well, as disappointed as I am with my brand new lock, I still keep using it. While I do not keep any valuables inside the locker anymore I just use the lock because it will make the experience of opening my locker more painful and risky. I am also relying on the fact that there is a constant flow in the locker room and a thief might be afraid that the owner can show up at any moment.
Oh! And before I end this post, here’s an extra example by Samy Kamkar that shows how a Master Combo lock can be opened. Again here, same principle: Break open any Master Combo Lock in 8 tries or less
Looking forward to hearing your experiences