WHAT'S IN A PIN?
- 23 Jun, 2022
The Ronyn Vault has 2 stages of user authentication.
1) First, the user must enter the PIN, which secures your device.
2) Second, the user must enter the password, which secures your seed.
This model is similar to how your smartphone operates: the PIN secures your device, and the password (via apps) secures your data.
The PIN is a 4-8 digit number. This means there are greater than 1 billion combinations for the PIN. The number of PIN attempts is limited to 10. After 10 attempts the device will wipe all wallet data. A key point is that until the PIN is correct, the person operating the device will not even have the opportunity to authenticate the password.
What happens if an attacker has stolen my device?
The goal of the attacker is to access the funds on the wallet. If the attacker does not know the PIN, they will have 10 attempts to guess the PIN. After each failed attempt the wallet will lock out for an exponentially increasing amount of time before the next attempt can be made. After 10 failed attempts the wallet will wipe all data and the attacker will not be able to access the device.
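The PIN gate described above, modeled as a small C state machine. This is an added example, not Ronyn's firmware: the 1-second base delay that doubles after each failure, the counter reset on success, and counting an attempt before comparing it are all assumptions, and the struct and function names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define MAX_ATTEMPTS 10   /* limit stated in the article */
#define BASE_DELAY_S 1u   /* assumed: the article gives no lockout durations */
typedef enum { PIN_OK, PIN_WRONG, PIN_LOCKED, PIN_WIPED } pin_result;

typedef struct {
    char     pin[9];       /* 4-8 digits, NUL padded */
    uint8_t  failures;     /* kept in persistent storage on a real device */
    uint64_t unlock_at;    /* earliest time (seconds) the next attempt is accepted */
    bool     wiped;
    bool     pin_verified; /* the password prompt is reachable only when true */
} vault;

/* Compare every byte so timing does not reveal how many digits matched. */
static bool ct_equal(const char *a, const char *b, size_t n) {
    unsigned char diff = 0;
    for (size_t i = 0; i < n; i++) diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

pin_result try_pin(vault *v, const char *guess, uint64_t now) {
    if (v->wiped) return PIN_WIPED;
    if (now < v->unlock_at) return PIN_LOCKED;  /* refused, not counted */
    /* Assumed hardening: count the attempt before checking it, so cutting
       power during the comparison cannot buy a free guess. */
    v->failures++;
    char padded[9] = {0};
    size_t len = strlen(guess);
    bool valid = len >= 4 && len <= 8;          /* over-long input never matches */
    if (valid) memcpy(padded, guess, len);
    if (valid && ct_equal(padded, v->pin, sizeof padded)) {
        v->failures = 0;
        v->pin_verified = true;
        return PIN_OK;
    }
    if (v->failures >= MAX_ATTEMPTS) {
        memset(v, 0, sizeof *v);                /* wipe all wallet data */
        v->wiped = true;
        return PIN_WIPED;
    }
    v->unlock_at = now + ((uint64_t)BASE_DELAY_S << (v->failures - 1));
    return PIN_WRONG;
}

bool password_stage_open(const vault *v) { return !v->wiped && v->pin_verified; }
```

With these assumed delays, an attempt made during a lockout is refused without being counted, and the password stage stays closed until `try_pin` returns `PIN_OK`.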
What happens if I have forgotten my PIN?
If you have forgotten your PIN, you can recover the wallet by reinitializing it on another device, entering the same seed AND password from the prior wallet. In this new wallet the PIN can be different. Alternatively, you can choose to make 10 failed attempts on the wallet, allow the device to wipe itself, and then reinitialize the wallet with the same seed and password. Again, the PIN can be different from before.
The security provided by the PIN can be enhanced if the user follows some best practices:
1) The longer the PIN the better.
2) Do not enter your PIN where another person can view it.
3) Do not store your PIN in electronic format.