Support unknown length pincodes
LeoNatan opened this issue · 4 comments
This is a great control, but I think several improvements are necessary.
There is already support for number of dots to display. However, it can be problematic and insecure to keep this information. Usually, a pincode is not stored in plaintext, but usually a hash is used. So exposing the number of characters is insecure.
Here is how Apple solved it:
There is a textview, it gets filled, and when the user taps the OK button, validation is performed.
Hey mate.
Sorry I haven't had a chance to look at this, I've been moving apartments over the past week and still don't have reliable internet in my place. Once that's set up I'll look at the issues raised. Still not sure about this one though, as the standard pin code screen on iOS still displays the 4 empty dots unless you've set a complex passcode (text or more than 4 numbers).
Yes, complex passcode is a difficult beast, because this view is unsuitable for freeform passcodes. But Apple does display the semi-complex view when a numeric-only passcode was set.
Also, there are the practical considerations of not having the original passcode length.
The pin code view I based it off is below and is the pin code Apple uses for non-complex (4 numeric) pass-codes.
Given that the vast majority of users are used to this functionality, I'm thinking of leaving it as is for now unless complex pin support is required.
Is this issue stopping you from using it in your app? Would be interested to know if it falls short of any defined security standards.
It is a show stopper, yes.
Also, knowing the passcode length is a security issue. It gives a hint to someone attempting to break it. Even in iOS, it is better to use a complex passcode with 5 numeric characters than the simple 4 numeric digits, because an attacker does not know the length. Or even better, an alpha-numeric passcode.
Exposing the length is insecure. An open-ended text field would be much better for a passcode view.
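An added illustration of the two points raised in this thread (hashed storage, and the hint a known length gives); it is not code from the control or from any commenter. The sketch stores only a salt and a fixed-size derived key, so the record carries no length, and it validates once when the user submits. The function names, the PBKDF2 parameters and the 4-to-8 digit range are assumptions made for the example.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 200_000  # assumed work factor for this sketch


def _derive(pin: str, salt: bytes) -> bytes:
    # SHA-256 output is always 32 bytes, whatever the PIN length.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, PBKDF2_ITERATIONS)


def enroll(pin: str) -> dict:
    """Build the stored record: salt and derived key only, no length field."""
    salt = os.urandom(16)
    return {"salt": salt, "key": _derive(pin, salt)}


def verify(record: dict, attempt: str) -> bool:
    """Run once, when the user taps OK, never per keystroke.

    A view that auto-validates after N digits, or draws N empty dots,
    needs N stored next to the hash; this function does not.
    """
    return hmac.compare_digest(_derive(attempt, record["salt"]), record["key"])


def candidates(min_len: int, max_len: int) -> int:
    """Numeric PINs an observer must consider for a range of lengths."""
    return sum(10 ** n for n in range(min_len, max_len + 1))


if __name__ == "__main__":
    record = enroll("48151")              # constructed sample PIN
    print(sorted(record))                 # only 'key' and 'salt' are stored
    print(verify(record, "48151"), verify(record, "4815"))
    # Length known to be 5, versus any length from 4 to 8 (assumed range):
    print(candidates(5, 5), candidates(4, 8))
```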