Hello everyone! With the global outbreak of the pandemic and the turmoil in the blockchain world, there have been several recent security incidents that have caught everyone's attention. Today, I will spend some time introducing some knowledge about PIN codes, so that everyone can have a deeper understanding of imKey.
What is a PIN?
PIN, short for Personal Identification Number, is a personal identification code. PIN was initially a security measure used by telecommunications operators to protect SIM cards and functions similarly to the 6-digit password of a bank card.
Introduction to imKey PIN
When you first receive the imKey hardware wallet, you will be prompted to set a PIN. The PIN supports numbers 0-9 and is 6-8 digits in length. In addition, to prevent the PIN from being guessed, a security strength check is performed when the user sets the PIN. For example, consecutive numbers ("123456", "345678") and identical numbers ("222222", "666666") cannot be used as the PIN.
What are the security mechanisms of PIN?
In the imKey hardware wallet, you will find that a PIN is required every time you turn it on, so you can understand this PIN as the device's startup PIN. Even if imKey is lost, the evildoer cannot use it, and after six consecutive failed attempts, the wallet (private key, seed, PIN) in imKey will be automatically reset, which greatly ensures the security of the wallet.
In addition, imKey also does a lot of security enhancements:
1. Restrict illegal device access When a stranger's phone attempts to access imKey, a PIN verification is required on the device. This makes it necessary for attackers to have the device, otherwise, they cannot cause harm remotely.
2. Access time limit ImKey sets a time lock for access. If there is no operation within 5 minutes, imKey will automatically lock and the PIN must be re-verified when accessed again.
How difficult is it to crack a PIN?
Don't underestimate the PIN as just a 6-8 digit number. In fact, the difficulty of guessing the correct PIN is quite high. For example, for a 6-digit PIN, there are a total of 10 * 10 * 10 * 10 * 10 * 10 = 1,000,000 combinations. Assuming sufficient resources and attempts, for laypeople with no professional knowledge, only relying on user manuals and other public materials, and without any devices, it would take an average of 500,000 attempts to guess the correct PIN. Based on one attempt per minute, it would take about 500,000/60 ≈ 8333 hours or approximately one year to guess the correct PIN value.