Security issue: Bypass PIN login attempts
Hello, the current login with PIN mechanism and attempts counter (failures) can be bypassed, leading to brute-force attacks.
If a user fails the login 2 times and restarts the Samourai application, the counter will reset. Also, the PIN is not complex enough to protect the wallet by encryption.
The current logic stores the number of attempts during runtime:
    try {
        HD_Wallet hdw = PayloadUtil.getInstance(PinEntryActivity.this).restoreWalletfromJSON(new CharSequenceX(AccessFactory.getInstance(PinEntryActivity.this).getGUID() + pin));
        runOnUiThread(() -> {
            progressBar.setVisibility(View.INVISIBLE);
        });
        if (hdw == null) {
            runOnUiThread(() -> {
                // failures is only held in memory, so it is lost when the app restarts
                failures++;
                Toast.makeText(PinEntryActivity.this, PinEntryActivity.this.getText(R.string.login_error)
                        + ":" + failures + "/3", Toast.LENGTH_SHORT).show();
                if (failures == 3) {
                    failures = 0;
                    doBackupRestore();
                } else {
                    Intent intent = new Intent(PinEntryActivity.this, PinEntryActivity.class);
                    // intent.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TASK | Intent.FLAG_ACTIVITY_NEW_TASK);
                    startActivity(intent);
                    finish();
                }
            });
        }
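One way to make the counter survive a restart, as an added sketch that is not Samourai's code and not part of the original report. The class `PersistentPinGuard`, the properties file (standing in for Android `SharedPreferences`), the `unlock` predicate (standing in for the wallet restore returning non-null) and the PIN value are all assumptions made for the illustration.

```java
import java.io.*;
import java.nio.file.*;
import java.util.Properties;
import java.util.function.Predicate;

/** Hypothetical sketch: the failed-PIN counter is persisted, so a restart does not reset it. */
public class PersistentPinGuard {
    static final int MAX_FAILURES = 3;   // same limit as the "/3" in the snippet above
    private final Path store;            // stand-in for Android SharedPreferences

    PersistentPinGuard(Path store) { this.store = store; }

    private int load() throws IOException {
        if (!Files.exists(store)) return 0;
        Properties p = new Properties();
        try (InputStream in = Files.newInputStream(store)) { p.load(in); }
        return Integer.parseInt(p.getProperty("failures", "0"));
    }

    private void save(int failures) throws IOException {
        Properties p = new Properties();
        p.setProperty("failures", Integer.toString(failures));
        try (OutputStream out = Files.newOutputStream(store)) { p.store(out, null); }
    }

    /** Returns true on success; throws once the persisted limit has been reached. */
    boolean attempt(String pin, Predicate<String> unlock) throws IOException {
        int failures = load();
        if (failures >= MAX_FAILURES)
            throw new IllegalStateException("locked: restore from backup required");
        save(failures + 1);                  // charge the attempt BEFORE verifying, so killing
        if (!unlock.test(pin)) return false; // the process mid-check cannot avoid the count
        save(0);                             // reset only after a successful unlock
        return true;
    }

    public static void main(String[] args) throws IOException {
        Path f = Files.createTempFile("pin-guard", ".properties");
        Files.delete(f);                                 // start with no stored counter
        Predicate<String> unlock = "4821"::equals;       // constructed PIN for the demo
        // Each new instance models an app restart; the stored count carries over.
        System.out.println(new PersistentPinGuard(f).attempt("0000", unlock));
        System.out.println(new PersistentPinGuard(f).attempt("1111", unlock));
        System.out.println(new PersistentPinGuard(f).attempt("2222", unlock));
        try {
            new PersistentPinGuard(f).attempt("4821", unlock);  // correct PIN, but limit reached
        } catch (IllegalStateException e) {
            System.out.println(e.getMessage());
        }
    }
}
```

A persisted counter only limits guesses made through the login screen; it does not address the second point in the report, that the PIN is too weak to serve as the wallet's encryption secret.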