Is there a better method to unlock this when I've forgotten the combo other than going through all 10000 possible combinations?
You should be able to probe that thing for each gate.
Look up BosnianBill on YouTube. He shows some methods on how to defeat these types of locks.
2 Likes
Will give it a look!
Edit - i like this guy better, i've seen his content, didn't know the first one
You can also buy decent sets for about 10 bucks
I'm not very good but IME many locks are shit and just fiddling around will get you in.
One human vulnerability I learned to opening these easily is that most people do not randomize all the wheels sufficiently when they lock them. Usually they just spin 1 wheel off from the open code by a few clicks.
It's often possible to open them by just spinning each wheel once, setting it back when it doesn't work and then repeating with the next. Often a quick flip of 3 steps in either direction around the center is enough to find the last changed wheel easily.
You can usually also eliminate 0's from the test few people use them and people have a bias towards starting with numbers in the middle of the wheel for some reason, as if lower numbers feel less secure.
Some videos here:
Bosnianbill is great but to probe the gate you'll need a tool (or to make one out of wiper blades). Normally on combinations locks (those with a hasp) you can apply pressure pushing the shackle away from the body and working from the bottom of the cyclinder up rotate the dials until you feel a slight movement, at this point go onto the next dial. Not sure how well that'd work for a kensington lock but best of luck.
The obvious ones first, birthdays, pin numbers, addresses, 1337, 0800, 1234...
I usually keep those for after the "lazy lock" vulnerability though 
From previous guys video description, using the resistance feedback technique and grouping wheels.
This lock takes about 10 minutes on average to open with no special skills. This type of issue is common with many laptop locks. It would be nice to have a rating for these types of locks as do safes.
Kensington Product Number: K64588US
UPC: 085896645887The basic method consists of testing the resistance of two wheels simultaneously for 100 combinations of the remaining two wheels. All the while, testing for resistance as indicators of correct combinations.
The working:
In the following process the topmost wheel is wheel A, the nextmost is B, then C, and D.Wheels A and D are cycled through the following 100 combinations.
A = 0, D = 0
A = 1, D = 0
a = 2, D = 0
...
A = 7, D = 9
A = 8, D = 9
A = 9, D = 9After setting each of the 100 combinations the button is depressed slightly and the two central wheels, B and C are tested for resistance. This mechanical feedback tells the manipulator which of the test combinations creates additional pressure on the central B and C wheels as the A and D wheels approach their correct positions. This additional pressure is created as the fence travels further down the center of the lock and has more of an effect on the central wheels.
This is continued for all 100 possible combinations of A and D. There will be one combination of A and D where B and C are locked in place and cannot be rotated. The values for A and D are now determined. There are now 100 remaining combinations of wheels B and C.
Repeat the process for B and C as performed previously with wheels A and D. In a perfect manipulation this process requires 200 test combinations. Therefore, out of the 10,000 possible combinations 200 are required to be tested to open the lock in a perfect manipulation. This means, the actual keyspace is 2% of the lock's possible combinations.
The effective keyspace can be reduced further by determining which of the wheels B or C can provide the most information via mechanical feedback. This can be done by pressing slightly on the button and determining which central wheel has moves the most easily. Turn that wheel until it encounters some resistance. Then perform the same technique with the other wheel. This reduces the total tests to 100 + a spin of a central wheel (10) + a spin of the other central wheel (10) = 120 test combinations.
*The process below the wheels could be lettered in any manner. In this particular lock it is easiest to cycle through the first 100 combinations on the A and D wheels and test and B & C. If the wheels to test are not adjacent they cannot be rotated together and the test would, therefore, require testing each wheel separately.
Yeah but I wanna open it so I can use it, I got it about 3 years ago in work and forgot the code, it's not locked to anything luckily.
if you can secure the lock to something then you can pull the lock so the wheels lockup on the combo
2 Likes