30 lines
1.1 KiB
Markdown
30 lines
1.1 KiB
Markdown
# Next Auburn Meeting
|
|
|
|
Hi Auburn Team,
|
|
|
|
Last meeting, Jonathan mentioned that you guys can do some white/grey box testing.
|
|
We're in agreement that that is a great starting place.
|
|
|
|
## How many key-selection observations are required to crack an nKode under a given policy configuration?
|
|
|
|
|
|
### Policy Parameters
|
|
|
|
1. iconComplexity:
|
|
The total number of unique icons available in the system.
|
|
(Defines the diversity of visual elements used in the passcode.)
|
|
2. passcodeLength:
|
|
The number of icons in a passcode.
|
|
(Determines the sequence length required for authentication.)
|
|
3. maxFailedAttempts:
|
|
The number of incorrect login attempts allowed before an account is locked.
|
|
(Controls brute-force mitigation by limiting retries.)
|
|
4. keypadSize:
|
|
The total number of keys displayed on the keypad.
|
|
(Impacts usability and potential guesswork complexity.)
|
|
5. iconsPerKey:
|
|
The number of icons assigned to each key.
|
|
(Specifies the visual density per key, affecting recognition difficulty.)
|
|
6. keypadHashLimit:
|
|
The number of unique keypad layouts stored before old hashes are rotated out.
|
|
(Ensures keypads are randomized across logins while limiting memory usage.) |