This repository has been archived by the owner on Dec 4, 2024. It is now read-only.

App unlock with a passcode is possible to brute-force #80

Open
sche opened this issue May 3, 2022 · 0 comments

Comments

@sche

sche commented May 3, 2022

Part 1: Define the problem

What problem are you trying to solve?

Currently, we use 6-digit passcodes, and users can try as many attempts as they want to unlock the app.
Unlikely, but technically this passcode can be brute-forced.

What is your hypothesis?

Making passcode entry more secure could lead to more trust in the mobile app.

What value does this bring to our customers and/or our mission? What is the goal?

Funds safety.

How do we measure it?

  • Percentage of users that meet the lock threshold

Links:

Figma Designs

Part 2: Shaping the problem

We need to find a reasonable balance between security and convenience when unlocking the app. If we keep the current 6-digit codes, we can still significantly increase security with time locks.

Problem Owner

@sche

Non Goal(s)

Reworking FaceID authentication.

Solution

Lock the phone for t seconds after three unsuccessful attempts and after any unsuccessful attempt that follows.
It should require more than 10 years to brute-force the passcode.

Approximation

t = 10 * 365 * 24 * 60 * 60 possible attempts / 10.000.000 combinations ~ 30 seconds

Rough Scoping & Timeline

S - less than a week of work

Risk(s), Key Trade Offs & Decisions

  • this measure might not be enough for proper security
  • users might be too irritated

Concept Mocks

[image: concept mock]

Alternative solutions & ideas

  • Use longer passwords
  • Use smaller timelocks in the beginning, but gradually increase lock time intervals

Open Questions

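The lockout arithmetic in the Solution section and the unlock behaviour it implies, worked through as an added example (editor-written illustration code, not code from the project or from the issue author). It models the fixed lock proposed above and the escalating lock listed under alternatives, and adds a small gate that enforces the policy. `FixedLockout`, `EscalatingLockout`, `PasscodeGate`, the 1 s base and 3,600 s cap of the escalating variant are assumed names and values, and the SHA-256 digest stands in for whatever the app's secure storage actually holds. The block counts 10**6 combinations for a six-digit code; with that figure a 30 s lock exhausts the space in under a year, and the 10-year target works out to roughly 315 s per lock.

```python
"""Passcode lockout model and enforcement (added example, not project code).

Models the issue's fixed lock (t seconds after the third failure and every
failure after it) and its escalating alternative, then enforces a policy in a
small gate. A six-digit code has 10**6 combinations.
"""
import hashlib
import hmac
import math
from dataclasses import dataclass
from typing import Callable, Tuple

SECONDS_PER_YEAR = 365 * 24 * 60 * 60  # same year length the issue uses


def passcode_space(digits: int) -> int:
    """Number of distinct numeric codes of the given length."""
    return 10 ** digits


@dataclass(frozen=True)
class FixedLockout:
    """No delay for the first `free_attempts` failures, then `lock_seconds`
    before every further attempt (the issue's proposal)."""
    free_attempts: int = 3
    lock_seconds: float = 30.0

    def delay_before(self, attempt_no: int) -> float:
        return 0.0 if attempt_no <= self.free_attempts else self.lock_seconds


@dataclass(frozen=True)
class EscalatingLockout:
    """Lock grows geometrically from `base_seconds`, capped at `cap_seconds`
    so a user who mistypes is not locked out for days (issue's alternative;
    base, factor and cap are assumed values)."""
    free_attempts: int = 3
    base_seconds: float = 1.0
    factor: float = 2.0
    cap_seconds: float = 3600.0

    def delay_before(self, attempt_no: int) -> float:
        if attempt_no <= self.free_attempts:
            return 0.0
        k = attempt_no - self.free_attempts - 1
        # Past this exponent the cap applies; avoids float overflow for large k.
        if k >= math.log(self.cap_seconds / self.base_seconds, self.factor):
            return self.cap_seconds
        return min(self.base_seconds * self.factor ** k, self.cap_seconds)


def worst_case_seconds(policy, digits: int) -> float:
    """Seconds an attacker waits to try every code (entry time ignored)."""
    return sum(policy.delay_before(i) for i in range(1, passcode_space(digits) + 1))


def lock_seconds_for_target(target_years: float, digits: int,
                            free_attempts: int = 3) -> float:
    """Fixed lock length t so exhausting the space takes `target_years`:
    t = target_seconds / (10**digits - free_attempts)."""
    return target_years * SECONDS_PER_YEAR / (passcode_space(digits) - free_attempts)


class PasscodeGate:
    """Applies a lockout policy to unlock attempts (hypothetical helper).

    `now` is injected so a real app can pass a monotonic clock and persist
    `failed` and `locked_until`; a counter kept only in memory is reset by
    killing and relaunching the app. SHA-256 stands in for the app's real
    credential storage (a real app would use a KDF and secure storage).
    """

    def __init__(self, passcode: str, policy, now: Callable[[], float]):
        self._digest = hashlib.sha256(passcode.encode()).digest()
        self.policy = policy
        self.now = now
        self.failed = 0
        self.locked_until = 0.0

    def unlock(self, candidate: str) -> Tuple[bool, float]:
        """Return (unlocked, seconds remaining on the current lock)."""
        t = self.now()
        if t < self.locked_until:
            # Locked: reject without evaluating the code, so a correct guess
            # made during the lock neither succeeds nor shortens the wait.
            return False, self.locked_until - t
        guess = hashlib.sha256(candidate.encode()).digest()
        if hmac.compare_digest(self._digest, guess):
            self.failed = 0
            self.locked_until = 0.0
            return True, 0.0
        self.failed += 1
        # Delay that must elapse before the next, (failed + 1)-th, attempt.
        self.locked_until = t + self.policy.delay_before(self.failed + 1)
        return False, self.locked_until - t


if __name__ == "__main__":
    print("fixed 30 s, 6 digits:", worst_case_seconds(FixedLockout(), 6) / SECONDS_PER_YEAR, "years")
    print("t for 10 years:", lock_seconds_for_target(10, 6), "s")
    print("escalating:", worst_case_seconds(EscalatingLockout(), 6) / SECONDS_PER_YEAR, "years")
```

Two checks worth carrying into any implementation of this proposal: attempts made while locked are refused before the code is compared, so hammering the screen during the lock cannot succeed, and the lock state must survive an app restart and a clock change (hence the injected clock and the persisted `failed` / `locked_until`), otherwise the first risk listed above, that the measure is not enough, is realised by simply relaunching the app.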