• cheese_greater@lemmy.world
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    5 months ago

    I wonder if its mostly for simple PIN-passcode types…

    Think about it: if they have some bullshit way to disable the anti-replay whatever, its only a matter of time till you iterate to the correct numerical passcode.

    Its like Michael said to Jim and Dwight, its not about more or less money, the amount is just different

    • narc0tic_bird@lemm.ee
      link
      fedilink
      arrow-up
      6
      ·
      5 months ago

      From what’s known most of the attack vectors involve brute forcing the passcode and the vulnerabilities allow it without rate limiting/anti-replay.

      So you’re at least much better off with a long alphanumeric passphrase.