# Next Auburn Meeting

Hi Auburn Team,

Last meeting, Jonathan mentioned that you guys can do some white/grey box testing.
We're in agreement that that is a great starting place.

## How many key-selection observations are required to crack an nKode under a given policy configuration?


### Policy Parameters

1.	iconComplexity:
The total number of unique icons available in the system.
(Defines the diversity of visual elements used in the passcode.)
2.	passcodeLength:
The number of icons in a passcode.
(Determines the sequence length required for authentication.)
3.	maxFailedAttempts:
The number of incorrect login attempts allowed before an account is locked.
(Controls brute-force mitigation by limiting retries.)
4.	keypadSize:
The total number of keys displayed on the keypad.
(Impacts usability and potential guesswork complexity.)
5.	iconsPerKey:
The number of icons assigned to each key.
(Specifies the visual density per key, affecting recognition difficulty.)
6.	keypadHashLimit:
The number of unique keypad layouts stored before old hashes are rotated out.
(Ensures keypads are randomized across logins while limiting memory usage.)