How long to crack 6-8-10 digit pincodes?

Anticrime

How safe are these pincodes? Using GOS with encryption is great but most people stick to a pincode which is very limited

For example 4 digits is 10.000 combinations, any low grade processor could brute force these easily
6 digits are exponentially tougher to crack but its not super significant

What are real world cracktimes for pincodes on Android with/without the GOS delays for failed pin?

I personally think the delays are quite relaxed btw

[deleted]

Anticrime

There is a rate limit built into the Titan chip. Delay periods increase before another attempt to unlock can happen. Once the 139th failed unlock attempt happens, it's 24 hours.

Assuming this is all true, it should take 13 years to get through half the combinations of a 4 digit pin.

N1b

From what I can see on this forum, it's generally considered secure to use a 6 digit pin as long as the secure element (the input throttling) is working. If it's bypassed, pretty much no pin is secure as modern computers can guess thousands of combinations per second.

If you don't trust the secure element, use a good passkey instead (or biometrics, if your threat model allows for that). Here's a nice comic to show why passkeys are generally a better solution than passwords (if you need to memorize and type them).

p338k

N1b
How does one use a passkey to unlock a pixel? Is it possible? If not, passkeys are irrelevant to the original question.

More complex, random passphrases should be much more secure even if an attacker has a way to bypass the secure element throttling.

N1b

p338k sorry it was a brain fart on my end, I meant passphrase. Thanks for correcting me.

p338k

N1b

That makes much more sense.