Revision history [back]
 | 1 | initial version | posted 2014-01-09 01:21:39 +0200 |
Relax security code minimum length
Now I have to type at least 5 digits correctly. Sounds easy, right? But I constantly use two smartphones (or even more), each has its own button sizes... Well, for me personally 4 digits code is pretty OK, but adding one more digit significantly increases miss rate. I propose to relax the requirement and allow 4 or even 3 digits. For security:
- Warn the user about weak code (sample numbers about time required to brute force the code manually may give the impression), or
- Make a delay after incorrect attempts. Start from half a second and double the interval every time.
| | 2 | retagged |
Relax security code minimum length
Now I have to type at least 5 digits correctly. Sounds easy, right? But I constantly use two smartphones (or even more), each has its own button sizes... Well, for me personally 4 digits code is pretty OK, but adding one more digit significantly increases miss rate. I propose to relax the requirement and allow 4 or even 3 digits. For security:
- Warn the user about weak code (sample numbers about time required to brute force the code manually may give the impression), or
- Make a delay after incorrect attempts. Start from half a second and double the interval every time.
| | 3 | retagged |
Relax security code minimum length
Now I have to type at least 5 digits correctly. Sounds easy, right? But I constantly use two smartphones (or even more), each has its own button sizes... Well, for me personally 4 digits code is pretty OK, but adding one more digit significantly increases miss rate. I propose to relax the requirement and allow 4 or even 3 digits. For security:
- Warn the user about weak code (sample numbers about time required to brute force the code manually may give the impression), or
- Make a delay after incorrect attempts. Start from half a second and double the interval every time.