TSA Master Keys

Someone recently noticed a Washington Post story on the TSA that originally contained a detailed photograph of all the TSA master keys. It’s now blurred out of the Washington Post story, but the image is still floating around the Internet. The whole thing neatly illustrates one of the main problems with backdoors, whether in cryptographic systems or physical systems: they’re fragile.

Nicholas Weaver wrote:

TSA “Travel Sentry” luggage locks contain a disclosed backdoor which is similar in spirit to what Director Comey desires for encrypted phones. In theory, only the Transportation Security Agency or other screeners should be able to open a TSA lock using one of their master keys. All others, notably baggage handlers and hotel staff, should be unable to surreptitiously open these locks.

Unfortunately for everyone, a TSA agent and the Washington Post revealed the secret. All it takes to duplicate a physical key is a photograph, since it is the pattern of the teeth, not the key itself, that tells you how to open the lock. So by simply including a pretty picture of the complete spread of TSA keys in the Washington Post’s paean to the TSA, the Washington Post enabled anyone to make their own TSA keys.

So the TSA backdoor has failed: we must assume any adversary can open any TSA “lock”. If you want to at least know your luggage has been tampered with, forget the TSA lock and use a zip-tie or tamper-evident seal instead, or attach a real lock and force the TSA to use their bolt cutters.

It’s the third photo on this page, reproduced here. There’s also this set of photos. Get your copy now, in case they disappear.

Reddit thread. BoingBoing post. Engadget article.

EDITED TO ADD (9/10): Someone has published a set of CAD files so you can make your own master keys.

Posted on September 8, 2015 at 6:02 AM67 Comments


Richard H September 8, 2015 6:28 AM

Or you could just buy a TSA lock and reverse-engineer it. With the original key, half a dozen blanks and a file you don’t even need to take the lock apart.

Snarki, child of Loki September 8, 2015 6:44 AM

Or, do as many have recommended, and pack a ‘firearm’ in your checked bag. (‘firearm’ = starters pistol, for example). More paperwork hassle, but MUST use a non-TSA lock, and handled in a different, traceable, high-security, luggage handling stream.

So maybe, JUST MAYBE, in addition to not poking around in your bag, it could arrive at destination.

Too bad it doesn’t work for international travel.

FP September 8, 2015 7:24 AM

Wouldn’t every luggage manufacturer in the world also have a master key?
Or is there a mechanical equivalent of complementary public/private keys?

Agate September 8, 2015 7:27 AM

The whole thing neatly illustrates one of the main problems with backdoors: they’re fragile.

Also illustrates one of the main problems with the TSA: its employees have incredible amounts of security authority, which they don’t have the proper training to use. Anyone who holds a set of these keys should know as much about physical key security as the average BoingBoing reader.

Woo September 8, 2015 7:42 AM

Many of those TSA keys look like they might be easily replaced by a bent paper clip anyways. Luggage security has been a farce long before TSA locks.

JoachimS September 8, 2015 8:00 AM

Looking at the keys, how on earth can key marked TSA004 even be considered to provide any type of security at all. It looks like the key my grandparents used to lock the outhouse.

Mason September 8, 2015 8:02 AM

The quoted recommendation to use a zip-tie is bad; with a knife, it is easy to open and re-close a zip-tie without breaking it.

M September 8, 2015 8:04 AM

Have suitcases gotten better, or does the bic pen to split the zipper open not work anymore? Which makes the cheap shoddy locks somewhat redundant.

name September 8, 2015 8:05 AM

Or the TSA could use a ballpoint pen to open the zipper part of your luggage, then simple move the lock or lock substitute around a bit until it closes everywhere.

Wayne September 8, 2015 8:06 AM

My cutters were always able to open any of those luggage locks. Depending on one of those locks for security is foolish, master key or not. I use it to hopefully prevent my luggage zipper from coming undone.

dosman September 8, 2015 8:22 AM

The fact that the TSA keys are public now is amusing. But it’s not like anyone really trusted these locks anyway right? They basically have not one but two ways to get them opened without the owner knowing. The TSA keyways are without exception simple to pick open, and the combo locks are easy to figure out just like any other cheap combo lock. I have some that I can determine the combo by eye-sight. I can see putting a zip-tie on your luggage if you want a quick way to tell if TSA was inside it. But putting a tamper evident seal on the bag is just plain silly. If you are that concerned, declare your luggage and have it inspected at check-in. Deviant has done a great job of covering this info here:

Anon September 8, 2015 8:32 AM

So now every suitcase is wide open. Not just mine, but all the ones belonging to innocent strangers that I fly with.

Good job TSA, you’ve increased the attack surface exponentially.

Anon September 8, 2015 8:34 AM

If you are that concerned, declare your luggage and have it inspected at check-in.

You’re not getting it. The problem isn’t just my luggage. It’s the luggage of everyone that I fly with.

msa September 8, 2015 8:43 AM

As for zip ties, while they can sometimes be opened and reused, in practice, the TSA will not do this. They just cut them off, since zip ties and blue gloves are the two things the baggage screeners always have at the ready.

One thing, though, they are only issued white zip ties, so if you pack and use some assorted colors (or another oddball zip tie, like a mountable head or metal tie), you can tell if it’s been opened and resealed. (I get a love note maybe 85% of the time a bag is inspected.)

And, as noted, any zipper closed bag can be trivially opened with a ballpoint pen then resealed anyway.

Zip ties are good enough security for my dirty undies anyway.

Coyne Tibbets September 8, 2015 8:55 AM

I hung around with a guy who was an expert in keys. One of the things he taught me is that the pattern of a master key can be inferred from the pin settings in an assorted collection of the target locks.

So, if you want the TSA master key for a given lock:

  1. Get access to fifty or so bags of the type the master key is to open.
  2. Record all pin cuts in the individual locks.
  3. Boil down commonalities using a program–Excel might be good enough if you’re clever.
  4. The pattern that’s left over is the master key pattern.
  5. Profit.

(I thought everyone knew this.)

Reminds me of a story: At a certain organization with which I was associated, they remastered a building because too many people had master keys. They had almost completed the re-mastering when one of the administrators lost his key ring, which naturally contained one of the new master keys. So much for re-mastering.

The TSA is fooling themselves if they think any of their master key patterns are a secret. Might as well publish the picture.

Andrew Sullivan September 8, 2015 9:03 AM

Do people actually rely on those flimsy locks for security in checked luggage?

The only reason I use the locks (yes, the TSA ones) is to prevent accidental zipper opening during handling, without creating a lot of waste plastic by using zip ties. I’ve always assumed just about anyone with access to my bag could get into it (and without me knowing) if they really wanted to.

But that points to another problem with the “backdoor phone/email/TLS” keys analogy. Only a fool (or criminal, prepared to endure the loss) would transport seriously valuable things in checked luggage without either insurance or special handling or both. Airlines and the TSA and everyone else warn you about this, because your contract with the carrier has all kinds of limits on what kind of loss you can declare. But the whole point of online encryption is to provide for secure online transactions. So the vulnerability of the TSA-approved lock is an inconvenience in the case of luggage, but a fatal flaw in the case of encryption keys.

Johnny September 8, 2015 9:19 AM

Since we can never be 100% sure the luggage hasn’t been opened the best one can aim for is sometimes detecting whether it has. A zip bag with a loop to fix the lock to, so it can’t be re-zipped once opened with a pen or whatever, would at least show you the bag has been opened when you go to collect it.

wiredog September 8, 2015 9:26 AM

I tried using those locks. Every one was cut off, presumably by the TSA. My bags get “random” searched every time I fly. I assume I’m on a list somewhere, which is weird, since I’m cleared TS…

Snarki, child of Loki September 8, 2015 10:04 AM

@Johnny: “Since we can never be 100% sure the luggage hasn’t been opened the best one can aim for is sometimes detecting whether it has.”

Oh, that’s EASY. Just make sure that your bag has extra, empty space. Go to a bait shop and buy live crickets to fill that space.

You can tell that your bag has been opened by the screams coming from the baggage inspection area after you check in. Good idea to leave the airport at that point.

Justin September 8, 2015 10:17 AM

@ wiredog

“… I’m cleared TS…”

Yeah I’d be posting that online… They’re probably just making sure you aren’t exfiltrating secrets from the country.

@ everyone else

Don’t you hate it when people like that read over your shoulder?

nszceta September 8, 2015 11:04 AM

Nothing of value was lost.

I can open and close any luggage without touching the lock. All I need is a ball point pen.

Gweihir September 8, 2015 11:21 AM


I have done that too for luggage closed with zippers. Zippers are not really tamper-proof at all, once you understand them. Although unless you are very careful, you can damage the zipper, especially metal ones, so I only did limited experiments. Anyways, a zipper is a typical case of something that most people assume opens only in one way, when that is patently false.

Clive Robinson September 8, 2015 11:44 AM

For those saying all you need is a “ball point pen” there are slide fastening systems that are resistant to not just ball point pens but most other forms of attack with only simple tools. Some are good to IP67 environmental ratings some to more than 5 atmospheres preasure differential.

As for the TSA keys, there is only one of those the coresponding lock would not open with at most thirty seconds of work by a lockpicking neophyte with bits you could pick up at the “airline enquires” desk…

As for all you need is a photograph, I remember Bruce and other commenters here being suprised when I first mentioned it as a security risk.

The thing to remember is “There are no unpicable mechanical locks” even quite a few electronic locks are easy to get around with a little lateral thinking.

Always remember “Physical Security Measures are not about stoping attackers, only slowing them down”…

nszceta September 8, 2015 12:15 PM

@clive robinson

“… there are slide fastening systems that are resistant …”

….and I bet that less than 1% of world travelers use them.

d33t September 8, 2015 12:30 PM

“TSA “Travel Sentry” luggage locks contain a disclosed backdoor which is similar in spirit to what Director Comey desires for encrypted phones.”

The only way to fly now without potentially having some rotten creep (or criminal) going through your luggage is to check your bag at the counter with an unloaded firearm inside and have it inspected as it’s checked. Then you can put a real lock on it, and the TSA can’t look inside without a lot of hassel. I wouldn’t try this in NYC or Chicago. They tend to make up their own laws.

What’s the equivalency for cell phones after the man gets its way again? Carrying your medical records on your phone with a screen saver that says “Attention! Medical Records Inside”?

I recently got the ok from work to ditch my cell If I’d like. I’ve been minimizing it’s use in my life since 2013. Of course some day, I may end up on the “doesn’t use a cell phone” list of pre-crime suspects.

It’s nice being loose from the ball and chain. I’m thinking about taking care of some of the local pigeons instead. Ordering a pizza by pigeon would be awesome fun!

Kevin September 8, 2015 12:43 PM

I started zip tying my luggage closed 5 years ago. I only travel a few times a year but since I started doing it my luggage has never been opened for inspection. I always check baggage because I trade beer unavailable in one location for beer unavailable in my home town. I also have a bunch of tech gear i shove in there – ethernet & hdmi cables, usb chargers, etc… Bunch of electronics, bunch of liquid and they still don’t check me.

I have a bladeless multitool with wirecutters on them to open at the destination. normally i put it in an un-zip-tied pocket of the checked baggage but if I forget the bladeless lets me get it through security.

Don’t pull the zip tie tight. leave room to fit the wirecutters in, but that’s too small for anyone to get in the bag without cutting the tie.

rgaff September 8, 2015 1:10 PM


You’re already on the “draws breath” list of pre-crime suspects (which is, all of us, if we’re not dead)


Well goody for you… I must be on the “must search bag every time” list, because I get one of those little love notes in my bag every time I fly, that says my bag has been searched… Congratulations, we’ve posted to the same blog now, you can expect to be searched too now…

mmmwright September 8, 2015 1:28 PM

I’ve bought two of those locks that the TSA can open, and they just cut it off. Now I don’t bother and I just don’t put anything valuable in my bag if I have to check it.

Infidel September 8, 2015 1:31 PM

Almost with a superior sneer:
There’s also this set of photos. Get your copy now, in case they disappear.

What? No exclamation points?

Definition of doxing:
Searching for and publishing private information on the internet with malicious intent.

Mr. Schneier, you are acting like a 14 year old with the links at the bottom of your post. You could have made your point without the dox. Instead you gravitated downwards into hacker muck to poke the TSA (US Govt and thus US citizens) in the eye with a assumed superior finger.

Cutesy. Pranky. Cantnakerous. And dumb.
But in this echo chamber you are a hero.
No surprise there.

The deeper insight here is the way one’s echo chamber can cause one to lose one’s way. Your moral compass has been truly distorted by the feedbacks and echoing plaudits. There’s nothing wrong with goading the US govt. to greater performance. But joining a fairy-ring of doxers to do it? Kid stuff. Your general readers expect better. For shame.

rgaff September 8, 2015 1:41 PM


When logic fails to produce results any longer, you are only left with poking fun at things. You are welcome to join any time.

Anura September 8, 2015 1:46 PM


First off, this is not doxing; doxing is posting someone’s personal information. This is equivalent to posting a link to a published weakness in a crypto system. Anyone who wants the pictures is going to be able to find them; keeping it hidden at best provides an illusion of security, and an illusion of security is sometimes worse than no security at all.

jonathan September 8, 2015 2:20 PM

I agree this is a wonderful illustration of why backdoors are silly.

When I fly I “lock” my luggage with a carbiner or some other fastener since we are not allowed to use anything secure.

If you want to use a decent lock send your luggage via a commercial shipper (UPS, FedEx, et cetera).

tyr September 8, 2015 2:30 PM


Please be kind enough to post a link to a picture of
the moral compass.

Inquiring minds like to see some evidence of these


OT what’s this about european banks pulling their
gold out of the Federal reserve ?? ( RT banner

Cassandra September 8, 2015 2:41 PM

The TSA Master Keys are not a backdoor. The are a ‘front door’, as they were not secret: most travellers knew that in order to prevent locks being broken or luggage damaged by TSA inpections, they needed to buy TSA approved locks that can be opened with the master keys. So it was an entirely explicit and above-board front_door.

It illustrates why a ‘front door’ for encryption is a bad idea. The TSA front door for locks is only meant to be used by the appropriate authorities, but the access keys are now no longer secret and can be used by ‘black hats’. The same vulnerability would be true for any ‘front-doored’ encryption method.

TPM September 8, 2015 3:50 PM

I’ve always found luggage locks to be a bit funny. I’ve never owned a bag that you couldn’t just cut open with a knife or scissors anyway.

Jonathan Wilson September 8, 2015 5:08 PM

I have seen a number of suitcase designs out there that have the lock (combination or key including the TSA logos) built into the case so it holds the zips in place. Much harder to simply open the case and close it again with a pen or whatever.

rgaff September 8, 2015 8:19 PM

@ badenov

Oh, that’ll solve all our problems. We just need to attach stickers to all our electronics that says “do not hack this” and all our problems will be gone. Why didn’t I think of this before! It’s so easy, and sooooo effective!

fajensen September 9, 2015 3:18 AM

I always assumed that the TSA-key was there to allow CIA-operators to ship heroin (or whatever is currently the accepted payment for all of those “Freedom Fighters” fighting freedom everywhere it emerges) using my luggage.

I always hoped that someone would screw up and leave the goodies in my bag for me.

RonK September 9, 2015 7:27 AM

@ Mason

Any object with a thin enough point will do to pry open the ratchet on an ordinary cable tie. My favorite is a push-pin, but the small eyeglasses screwdriver I carry works really well, also.

If you want it to show tampering, instead of just cutting off the extra tie length, just melt it down into a ball of plastic. (I’m not responsible if you set your luggage on fire.)

r September 9, 2015 9:28 AM

I happen to think that I have a fairly different outlook on these locks…

Like Andrew, I don’t expect them to stop anyone at all really, but I do tend to keep them for everyday usage otherwise.

These TSA locks I believe, may stop anyone who would regularly require a warrant dead in their tracks.
Plus, If you happen to lose the key or maybe travel without it… big hairy deal, too bad – so sad.

Additionally, combination locks may facilitate deniability.

As a side note, I tend to save various images of an interesting value and I think I saved a copy of that image like 2 weeks ago?
You NEVER know when something will be censored or redacted, local copies are almost always a must.

mattoz September 9, 2015 3:16 PM

Simple explanation: the Post is owned by Bezos. Amazon will soon have a sale on luggage featuring “TSA Masterlock 2.0” – impervious to those leaked master keys.

uh, Mike September 9, 2015 8:53 PM

I always assumed that the keys were in the wind. The TSA would need 100% obedience from a large, diverse workforce, not to leak them a matter of days, not years, after they were issued.

Likewise for hotel safes. Numerous hotel staff have access to the master code. And it’s the hotel staff that you’re trying to protect your valuables from; ever seen a broken-in hotel door?

There is almost always a backdoor. If the lock is owned by someone else than the person who sets the key, then there certainly is a back door for the owner. Not the owner? Look for the backdoor.

MarkH September 10, 2015 3:35 AM


All of the TSA locks I have seen so far are marked TSA007, and are opened by one of two variants of a non-master key.

My first real lesson on the theory of security came from my mentor (a very accomplished engineer), who said about luggage locks in general (this was back in the day before most luggage was hard-sided),

“they’re to keep your friends out.”

Thomas_H September 10, 2015 6:26 AM

@ Harry:

Actually, they are fairly easy to open without cutting them by pushing the little tab in the “locking part” with the tip of a knife or some other sharp tool. Afterwards, you can then close them again, and there will be no clear evidence of tampering if you made sure everything was put back into place correctly.

Sancho_P September 10, 2015 6:10 PM

@all the “cable ties” and

”forget the TSA lock and use a zip-tie or tamper-evident seal instead”
[Nicholas Weaver]

The point isn’t that the bag was opened by TSA from airport to airport.
It is not that something might be missing now.

When e.g. flying from Caracas to the US, what should I do when I realize the “seal” was tampered with?
I might find a friendly TSA paper in the luggage, but what if not?
I’d like to trust TSA personnel but about half of the time there is no TSA reminder in the luggage. Were they just lazy? Can I trust them anyway?

But if a book, bottle of wine, whatever of minor value is missing, which happens quite frequently nowadays, I can not believe that someone is taking the risk to simply steal such items.

I have to assume that the resulting void was needed to transport items of higher value.
So I have a very bad feeling when I see my seal is broken.

The point is that the bags are not sufficiently secured during transport.

I try to set up a poker face, take my bags from the belt conveyer and sincerely hope that any possible item was already removed, without any trace, before I proceed.
Thanks, CIA would be comforting, I thought only the bad boyz are doing it.

A Nonny Bunny September 11, 2015 12:58 AM


Zip ties are good enough security for my dirty undies anyway.

My dirty undies are good enough security on their own, I just slap a biohazard sticker on the suitcase 😉

A Nonny Bunny September 11, 2015 1:46 AM


But if a book, bottle of wine, whatever of minor value is missing, which happens quite frequently nowadays, I can not believe that someone is taking the risk to simply steal such items.

I’d believe it. Just like I believe that burglars will raid someone’s fridge and will occasionally be found asleep on the sofa.

You shouldn’t underestimate the banality and stupidity of what people will do.

Just add the nice box of of chocolate with a friendly note for the hard-working TSA people in your luggage, and maybe spike one of the chocolates with a shot of tabasco. 😉

John December 7, 2015 10:37 PM

This whole thing is funny because it illustrates just how inept government security is, but it really makes no difference to people with luggage locks.

The cost of a 3d printer and the need to inspect the lock, determine what key to use, and then pull out your key to open the flimsy lock will make a pair of small bolt cutters much cheaper and less conspicuous. This is assuming the criminal is rummaging through luggage in the open. Most likely they will just take the luggage to a secure location and then cut the lock.

Everything is just a charade. . . “We at the TSA want you to keep the delusion that your luggage is safer with a luggage lock while also maintaining the delusion that we are competent.”

Really, of all of the photos of sharp combs and nail clippers that the TSA has confiscated, where are all of the bombs taken out of luggage? TSA agents would be holding those things up like 100 lb sharks for photo ops. Luckily for us, most terrorists have proven to be less creative and effective than even the TSA.

Clive Robinson December 8, 2015 5:29 AM

@ john,

The cost of a 3d printer…

Not required, never has been, I hand cut keys from just looking at them in “break glass” units and memorising the “keying” back in the 70’s whilst still a youngster.

The thing is it only looks hard superficialy… Once you know a little about locks which you can find out from taking them appart it’s easy.

Even when the key uses a complicated milled end profile, you just have to get a key blank… Or find a key with a higher profile. Which gives you the choice to cut it down yourself, or use it as an “end run” around locksmiths brain dead security proceadures.

Most lock smiths won’t sell you a blank, but they will cut you a new key without even thinking about it… Opps.

You can then cut down the freshly cut key to the required profile.

Now you might say “but getting a higher profile key will be almost impossible”… Well you might be suprised due to the way lock manufactures make locks for the mass market home improvment outlets. They cut high to reduce returns rates, and you can most times see the keys in the plastic package, and thus can look through them on the rack at your local DIY home improvment store.

But… there is one type of key that always has a lower profile than a cut key and that is the “bump key”… And these have another advantage. If you think about a lock with a fancy key blank milling, the more you cut down the key, the less of the fancy milled profile is needed, thus one bumb key will work with several different milled profile locks… Opps again.

No doubt some locksmith will read this and believe I’m revealing “guild / trade secrets” and might even comment so (they got on Matt Blaze’s case for less). But how do I put it gently, “Locksmithing is not the Magic Circle”, if they sell shoddy security, which they do, and pretend it’s real security for the purpose of selling what they know to be shoddy security goods, and some do, then they’ve crossed the line from marketing to fraud, thus exposing them is in the “National Interest”.

Clive Robinson December 8, 2015 5:58 AM

@ ALL,

Whilst I’m at the “revealing all secrets”…

If you make your own bumb keys they are fragile as they are made of soft metal like brass, not high strength tool steel, so they are more likely to break.

Which could be a real problem when you are shall we say “doing it covertly” as part of a black bag job. As you might well not be able to get the broken part out of the lock, which would be a real give away fairly quickly, thus very counter productive.

Now the “big secret” in magic is not the mechanics of the trick but “misdirecting the audiance”.

Knowing this will help you get over the broken bump key issue. That is you misdirect the suspicion to something else like petty vandalism or revenge etc, not an attempt at covert entry.

Thus “you glue the lock” with a real solid non transparent epoxy glue similar to those that sometimes get called “liquid metal”. This has three benifits, the first is misdirection which you can dress up a bit more in various ways. The second and more important is it hides not just the broken piece of bump key but other “tool marks” as well. These two combind means that unless the premisis owner is real suspicious they will call a locksmith first not the cops especially at business premisses. The locksmith if they are of the “time is money” sort will just “drill out the lock” thus mostly ruining any evidence that might be of use in an investigation.

But there is something else that might happen that is to your advantage. So thirdly as most locksmiths do not carry security locks in their vehical, there is a good chance a low grade security lock will be fitted as a tempory measure for a couple of days…

So just to remind people those who do black bag jobs know this information and so do most criminals, thus everday folk not knowing this are very likely just like the magician’s audience to fall into the “misdirection trap” and thus miss the real trick untill it is to late.

Ollie Jones December 19, 2015 1:09 PM

Jenna McLaughlin of The Intercept followed up on this story with the TSA, and got this remarkable response from TSA publicist Mike England.

The reported ability to create keys for TSA-approved suitcase locks from a digital image does not create a threat to aviation security. These consumer products are ‘peace of mind’ devices, not part of TSA’s aviation security regime.

Carried and checked bags are subject to the TSA’s electronic screening and manual inspection. In addition, the reported availability of keys to unauthorized persons causes no loss of physical security to bags while they are under TSA control. In fact, the vast majority of bags are not locked when checked in prior to flight.

In other words, the luggage locks are nothing more or less than security theater.


JasonR July 6, 2017 3:23 PM

@Snarki, child of Loki

I assure you traveling with a firearm doesn’t keep your luggage from being searched, just the hassle of having to come back to TSA to unlock it and be present.

Traveling with a firearm requires you to lock up the firearm, not the luggage. FAA rules require only the owner of the firearm have the key or lock combo, and of course TSA locks won’t qualify for this. So, if you lock the luggage without locking up the firearm separately, you’ll have to go thorough a long manual drug and explosive search through every nook, crevice, and cranny of your luggage.

The expedient way to travel with a firearm is to lock it individually in a small case inside your clothing luggage, secure it with a cable to the internal spine of the luggage and put a normal TSA lock on the clothing luggage. Even then, some airports will still pull you aside (or paging you on the intercom to come back) and want to do the thorough swab and check search of your luggage.

As other have said, put a zip tie on the luggage if you want to know if they went inside it.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.