Xiaomi Sherlock M1 Allows You to Unlock Your Door with Your Smartphone

Xiaomi has recently launched a new product from their MiJia (My Home) family with Sherlock M1 smart lock, which can you stick to the inside part of your security lock, insert the key, and them control it with your smartphone using Xiaomi app.

Sherlock M1 key features and specifications:

  • Compatible with both right and left opening doors
  • Connectivity – Bluetooth 4.0 LE
  • USB – 1x micro USB port for charging
  • Battery – Rechargeable 3800mAh battery
  • Dimensions – 12.80 x 6.20 x 7.35 cm
  • Weight – 430 grams

The lock ships with some specification / user guide? in English. The video below shows a bit more about the installation steps.

The main benefit of such smart lock is that you can share virtual keys with other people living in the household, so no more lost keys. Of course, you’d have to trust this cannot be easily hacked. This “user manual” provides some more details with regards to supported locks, as well as key and door requirements (it must be flat for the sticker lock).

If you are inside, you can unlock the door by swiping on the side with your finger, but this can be disabled in case you have young kids around. The battery is said to typically last 6 months on a charge, and since Bluetooth 4.0 LE is required, you’ll need a phone with Android 4.4 or greater, or iOS 8 or greater.

I first found the lock on GearBest where it is sold for $101.99 including shipping, but you’ll also find it on Aliexpress for $99.99 and up.


9 Replies to “Xiaomi Sherlock M1 Allows You to Unlock Your Door with Your Smartphone”

  1. Another terrible “lock” design that’s super limited to the type of doors/locks it can be used with…
    Not that it’s an easy thing to design, but there are far better retrofittable products than this.

  2. If your lock is the type that can’t be turned when a key is inserted in the opposite side of the door… you will have a huge problem if the battery is empty for any reason…

  3. “Of course, you’d have to trust this cannot be easily hacked.”

    What an opportunity for entrepreneurs!

    How soon will the Russian or Ukrainian criminal software cracking groups be selling cracks to cambrioleurs?

  4. Slightly off topic but relevant. The BBC show Click recently showed a electronic safe that had expanding sides to wedge it in cupboards etc. Clicks presenter found she could wiggle it lose. Then one of the production crew demonstrated that banging the white safe on the top popped the safe door open!
    Honestly a biscuit tin would of been more safe a place for your cash.

  5. @Deets
    I know of at least a few.
    danalock.com – as they’re Danish, they’ve verified their design with a lot of European and Scandinavian lock types.
    fridaylabs.net – works with some, but not all types.
    august.com – requires an add-on kit.
    qrio.me/smartlock/ – only in Japan, although it was put on Indiegogo, but failed miserably there.
    candyhouse.co – did quite well on Kickstarter and works with a wide range of locks and would be far superior to the Xiaomi product above design wise, although I can’t speak for the hardware itself.

    Sure, not as many options as for deadbolt locks, but still plenty of options, no?

  6. @cnxsoft :
    Bluetooth 4.0 LE is required, you’ll need a phone with Android 4.4 or greater, or iOS 8 or greater

    All iOS versions prior and including 9.3.5 are vulnerable to Blueborne (it’s just over 4 months ago that this made headlines) so the only safe way to deal with BT on older iOS device that do not receive upgrades and are stuck at 9.3.5 or below is to switch BT completely off. Same problem applies to Android devices too but I would assume the majority of Android users doesn’t give a sh*t about updates at all (at least those who I know are happy if stuff is cheap and don’t think about anything else).

    The few times I dealt with BT security I thought I learned that when done correctly with more recent versions of the protocol stack hijacking connections becomes difficult or even impossible but denial of service is still an issue (and pretty much a showstopper with this use case).

  7. Let me guess how it works:
    1.private key in XiaoMI server
    2.lock hold a ”public key“.
    3.server — SSl –> app — BLE –> lock

    If a hacker get my XiaoMi Account, uhmm…

Leave a Reply

Your email address will not be published. Required fields are marked *