Further, a cloned chip would have to be inserted into a forged passport, and new security measures in the passports make that "virtually impossible," the Home Office said, quoting a report released last month by the National Audit Office.
But Laurie said the new passports were marketed as enhancing security, "but so far I don't see anything about it that increases my security."
The greatest weakness with the passports is using relatively easy-to-find data to compose the encrypted key, Laurie said. It would be better to include more random elements that would render brute-force style programs nearly useless, he said.
Laurie's work spawned from concern over how users can know what's on their passport's chip.
"At the moment, if you want to see what's in your own passport, you have to go to passport office," Laurie said. "With my code, you can do it at home."
Laurie has published a library of open-source tools written in the Python programming language that will run on RFID readers made by ACG and by Frosch Electronics OEG, based in Austria.