:

PANICLOCK FORCES PASSWORD AUTH WHEN MACBOOK CLOSES

INDUSTRY DESK1 MIN READ
SAT, APR 18, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

A new macOS tool disables TouchID authentication when the laptop lid closes, requiring a password to unlock instead. The app was created in response to a legal case where a journalist was compelled to unlock her device using biometric authentication.

PanicLock addresses a security vulnerability in macOS biometric unlock procedures. When a MacBook lid closes and reopens, TouchID can be used to authenticate without additional verification. The tool forces password-only authentication after lid closure, preventing biometric bypass. Developer Hannah Natanson created PanicLock following her experience as a Washington Post reporter whose computer was searched by law enforcement. She was compelled to unlock her device using her fingerprint, granting access to encrypted communications with confidential sources. The app leverages legal distinctions between compelling biometric authentication and requiring passwords. While courts have ruled fingerprint authentication can be compelled in some jurisdictions, password disclosure typically requires different legal justification. PanicLock's landing page includes detailed analysis of relevant case law and legal precedents. The tool is open source and available on GitHub, gaining 119 points on Hacker News.

■ SOURCES

Hacker News

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

Partnered Health, one of Australia's largest healthcare providers, has disclosed a cyber-attack affecting 21 clinics across Sydney, Melbourne, and Canberra. Personal information and medical records were compromised in the breach.

JUST NOWSecurity Desk

Security firm Intruder has developed an AI-powered system that automatically identifies previously unknown software vulnerabilities by combining code analysis with large language models. The tool already discovered and exploited a WordPress plugin zero-day.

JUST NOWAI Desk

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

6H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

6H AGOSecurity Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.