announced cloud-based backups a month ago, so I am late to the party. Still, I wanted to write down some notes on why 4-digit PINs aren't going to provide real security, no matter how hard one tries.

Thanks to @leip4Ier for bringing this topic to my attention.
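To make the "4-digit PIN" point concrete, here is an added example; it is not code from the original post and does not model Signal's actual PIN scheme or its key-derivation parameters. The PIN is stretched with PBKDF2-HMAC-SHA256 using a constructed salt and a deliberately modest iteration count (both assumed for the demo), and then recovered offline by trying every 4-digit value in order. The one-second-per-guess figure used for the extrapolation is hypothetical; it shows that even a very slow key derivation function only delays exhaustion of a 10,000-candidate space, it does not prevent it. This models an attacker who already holds the stretched value (what the thread calls a server-side attack); an online, rate-limited guess interface is a different threat model.

```python
import hashlib
import time
from itertools import product

# Constructed demo parameters (assumed for this example; NOT Signal's KDF or
# Secure Value Recovery settings): a fixed salt and a small PBKDF2 iteration
# count so that the brute force finishes in seconds.
DEMO_SALT = b"demo-salt-not-secret-0001"
DEMO_ITERATIONS = 2_000
DIGITS = "0123456789"


def derive_key(pin: str, salt: bytes = DEMO_SALT, iterations: int = DEMO_ITERATIONS) -> bytes:
    """Stretch a PIN into a 32-byte key with PBKDF2-HMAC-SHA256.

    Stretching raises the cost of *each* guess, but it cannot raise the number
    of guesses an attacker needs: a 4-digit PIN always has exactly 10**4 candidates.
    """
    return hashlib.pbkdf2_hmac("sha256", pin.encode("ascii"), salt, iterations, dklen=32)


def brute_force_pin(target_key: bytes, digits: int = 4,
                    salt: bytes = DEMO_SALT, iterations: int = DEMO_ITERATIONS):
    """Offline attack: enumerate every `digits`-long PIN from 00..0 to 99..9.

    Returns (recovered_pin, number_of_guesses), or (None, 10**digits) if no
    candidate reproduced target_key.
    """
    guesses = 0
    for combo in product(DIGITS, repeat=digits):
        guesses += 1
        candidate = "".join(combo)
        if derive_key(candidate, salt, iterations) == target_key:
            return candidate, guesses
    return None, guesses


def worst_case_seconds(seconds_per_guess: float, digits: int = 4) -> float:
    """Time for a single sequential attacker to exhaust the whole PIN space."""
    return seconds_per_guess * 10 ** digits


def main() -> None:
    pin = "0731"  # constructed example PIN
    target = derive_key(pin)  # what a server-side attacker would hold

    start = time.perf_counter()
    recovered, guesses = brute_force_pin(target)
    elapsed = time.perf_counter() - start
    print(f"recovered {recovered!r} after {guesses} guesses in {elapsed:.2f}s "
          f"({elapsed / guesses * 1000:.2f} ms/guess at {DEMO_ITERATIONS} iterations)")

    # Hypothetical extrapolation: a KDF tuned to cost a full second per guess.
    # Even then the entire 4-digit space falls in under three hours and a
    # 6-digit space in a little over eleven days. Stretching buys time, not safety.
    for d in (4, 6):
        hours = worst_case_seconds(1.0, d) / 3600
        print(f"{d}-digit PIN at 1 s/guess: worst case {hours:.1f} h")


if __name__ == "__main__":
    main()
```

Run it as a script to see the recovery time at the demo iteration count; raising DEMO_ITERATIONS by 10x makes each guess 10x slower but leaves the guess count at 10,000, which is the whole point.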

@WPalant I think it's also worth mentioning that for bank cards and smartphones, the PIN is in fact the second auth factor after possession. A bank card is a hardware key; iPhones have secure enclaves. If I understand correctly, for Signal that PIN is the only factor.

@WPalant Oh, I'm silly, there's also SMS, which should in theory be possession, but in fact is a complicated thing.

@leip4Ier Yes, it's quite complicated. For server-side attacks it doesn't matter. On the client side you need to prove control of the phone number as well. But they announced this feature as a transition towards accounts not bound to a phone number. So this protection factor will likely go away; presumably it will only be the PIN then.

@WPalant Server-side attacks are of little concern to a regular user (those who don't pay attention to "remote key changed" notifs either), but SMS is pretty easy anyway.

They have to use something to avoid spam, so it'll likely be email or OAuth? (Curious whether my addresses will work if it's email!)

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.