Thank you for the response. I'm still a bit confused. > What we're discussing here is how to increase the number of PIN retries that > are allowed before that locking happens. The counter still protects from > brute forcing. > > The default is 3 attempts, but I think 5 is still reasonable and a bit > "safer" in terms of not accidentally locking yourself out. > What's the control on this to stop a bad actor from stealing an OpenPGP card and setting the reset count to 99999? I know you alluded to hardware implementation, but does the spec require the level 2 password to change this, if it can?
_______________________________________________ Gnupg-users mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-users
