Reading time: 6 minutes / Lars Buchwald / 16 October 2025

When Things Go Wrong – and Why That’s Not Such a Bad Thing After All

Contents of This Article

→ Why mistakes are not weaknesses but teachers

→ Design & construction flaws – when perfection blocks itself

→ When technology obeys – and that’s exactly the problem

→ The hotel hack with humour – comfort beats control

→ What these cases have in common – and what they teach

→ Four principles for fewer mishaps and more security

→ Security is movement – why stagnation is the greatest risk

→ Mistakes drive progress

True security is not shown through perfection, but in how we deal with its small mishaps. One thing is certain: nothing is infallible – neither humans nor machines. And especially in the world of locking technology, things get interesting when something doesn’t work as intended. As the saying goes: we learn more from our failures and mistakes than from success. Cases in locking technology where things didn’t go according to plan aren’t embarrassments – they’re teachers. And to be honest, sometimes they’re simply too good not to share.

Technical misunderstandings you’ll never forget – and hopefully never repeat.

Let’s take a look at three particularly instructive – and admittedly humorous – real-world examples. They all have one thing in common: they show that it’s okay to laugh about security mistakes, as long as you come out wiser on the other side.

Design & Construction Flaws – When the Lock Cylinder Sabotages Itself

It was one of those moments when innovation became a little too ambitious. A well-known manufacturer – let’s call them the “designer among cylinders” – wanted to create the ultimate in precision. A high-security cylinder: sleek, elegant, and technically almost perfect. The goal? To eliminate any possibility of manipulation and control every movement down to the micrometre. After all, we know that lockpicking works by exploiting the tolerances of a lock cylinder – so, simply eliminate those tolerances. Sounds great, doesn’t it?

On paper, it was the perfect cylinder. The manufacturing looked like clockwork – every pin precisely tuned, every detail carefully considered. But in practice, perfection revealed its pitfalls, and the cylinder quickly turned into a “total failure.” When inserting the key, even the slightest pressure was enough to jam the internal mechanism. The core seized up, and nothing moved.

The cause was simple yet fatal: the tolerance range was so narrow that the system – made up of many small components – overreacted at the slightest deviation, and everything came to a halt. No external manipulation, no tool failure – the lock simply sabotaged itself.

The engineers found themselves facing a product that was theoretically unbeatable because it allowed zero tolerances, but in reality, it couldn’t even pass a basic usability test. You could say: the cylinder was too perfect to function. The lesson here is as old as craftsmanship itself: true precision and security emerge only when technology remains both robust and easy to use.

When Technology Obeys – and That’s Exactly the Problem

It was an ambitious project. A security officer wanted to prove that his company was at the cutting edge of technology. Away with keys, in with biometrics – fingerprint scanners on every door. Modern, elegant, contactless, supposedly tamper-proof. At least in theory.

The great thing about systems like this: you can feel like the ruler of all doors. Once you’re in the system, you hand out access rights like sweets – today Colleague Meier can access the archive, tomorrow perhaps not. Whoever is admin quite literally has their finger on it.

And that’s precisely where the problem began.

The security officer naturally wanted to test whether the system was as clever as the brochure suggested. So he registered his finger twice – once as an employee, once as an administrator. After all, he wanted to see whether the technology would dutifully distinguish between the powerful and the powerless. It did. Just not in the way he expected.

A fingerprint isn’t stored as an image but as a dataset of feature points – ridges, bifurcations, curvatures. On each scan the system simply checks whether a finger shares enough of those points to count as a match. When the finger was stored twice, the system ended up with two almost identical datasets and could no longer tell which one should be treated as valid.

This produced a strange but not uncommon effect: all of a sudden doors opened for fingers that were merely similar enough. The system thought it recognised its administrator again – when in reality it was just a colleague with a similarly broad thumb.

The software did exactly what it had been taught. It saw two valid fingerprints, both carrying full permissions, and drew the wrong, but logically consistent conclusion: “If it looks that similar, it must be correct.”

That wasn’t a technical fault so much as a human misunderstanding of technology. The machine doesn’t think for itself – it simply executes what it was programmed to do.

The takeaway is simple: anyone who blindly trusts technology hasn’t fully grasped the principle of security.

Hotel Hack with Humour – Two Cards, a Thousand Open Doors

What sounds like an anecdote from a hacker movie was in reality an absolute security catastrophe waiting to happen. Countless hotels worldwide used an electronic locking system that was considered particularly reliable. Contactless cards, fast access, everything managed digitally – a hotel operator’s dream.

But the system had a tiny yet crucial flaw: it failed to make a clear distinction between “guest” and “admin”.

Resourceful hackers discovered that the internal security code for each door – the so-called master key – could be derived from publicly readable data on the room card. With a bit of patience, a standard card reader and a few lines of software, one could generate a second card from a simple guest card – a kind of “master key” in the form of a credit-card-sized token.

And the best (or worst) part: you didn’t need an insider at the hotel, access to a database or specialist knowledge. Two cards, a laptop and a touch of curiosity were enough – and hotel doors around the world were open.

Suddenly the whole hotel was in uproar. Overnight the doors seemed to have minds of their own – sometimes they opened, sometimes they stubbornly refused. Guests stood bewildered in corridors while technicians with laptops and headlamps scurried between floors as if working on a secret NASA project. Entire hotel chains replaced systems at record speed, emergency training sessions were improvised, and the phrase “your key no longer works” took on a whole new meaning.

The real mistake wasn’t a technical failure but a design error: convenience had been prioritised over control. The system was practical, quick and user-friendly – but not conceived with sufficient security in mind. It relied on the assumption that no one would think to question the card logic. As it turned out, that was a fatal and ultimately very costly error.

Wired article on the Unsaflok technique that can open millions of hotel rooms with two cards.

FAQ – Everything You Need to Know

About the Author

Lars Buchwald has been an integral part of the Multipick team since 2006, where he dedicates his passion and expertise to marketing and graphics. As a trained graphic designer and copywriter, he brings a wealth of experience and creativity to his work, which enables him to convey the messages of the ingenious tools in an appealing and convincing way. With a keen sense for the needs of the target group, he steers Multipick's marketing fortunes. His commitment is characterized by a high degree of sensitivity and the right richer at the right time. 

As a native of Bonn, Lars not only has close ties to the region, but has also firmly integrated his passion for marketing spear tools into his professional work. His attachment to the city is reflected in his work and gives his marketing campaigns an authentic, Bonn touch.

Related Articles