Originally Posted by
aaronp84
No, I would prefer they implement a strong password policy instead of a 4 number pin that is figured out in short matter of time.
With 4digit numeric pins, solution is easy enough.... HH can simply stop brute strength attacks by implementing an increasing interval after nn failed password attempts.
eg
3 attempts ok back to back is fine, allows for incorrect entry, especially non-pin passwords when accidentally i have set keyboard as 'caps on'
if password 1-3 attempts invalid, force wait 30minutes before being allowed another 3x retry password attempts
if 4th-6th password attempts invalid, force wait 2hours before allowed retry password 3x again
(and keep to this 2hour delay there after)
AND when you legitimately log on with next good password, HH can flash up on screen message like
"nn Un-Sucessful login attempts since last logon" to warn of attempted hack attempts.