Block 20 most chosen PINs

Dominik Schürmann 2016-08-16 03:23:43 +02:00
parent 0733984e3f
commit 9adaf1434f
2 changed files with 19 additions and 8 deletions


@ -47,19 +47,30 @@ public class CreateSecurityTokenPinFragment extends Fragment {
View mBackButton;
View mNextButton;
// top 20 according to http://datagenetics.com/blog/september32012/index.html
// extended from 4 digits to 6 for our use case
private static HashSet<String> sPinBlacklist = new HashSet<>(Arrays.asList(
"000000",
"123456",
"111111",
"222222",
"333333",
"000000",
"121212",
"777777",
// "1004", makes no sense as "100004", see blog post
"200000",
"444444",
"222222",
"696969",
"999999",
"333333",
"555555",
"666666",
"777777",
"111222",
"131313",
"888888",
"999999",
"123456",
"XXXXXX"
"654321",
"200001",
"101010",
"XXXXXX" // additional: should not be used, as this PIN is entered for resetting the card
));
/**
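Review bot: Every entry in `sPinBlacklist` is exactly six characters long, so an exact-match lookup would miss the same weak patterns at other lengths; the string resource in this commit says the PIN must be "at least 6 numbers long", which suggests `0000000` or `12345678` would still be accepted. The code that consults the set lies outside this hunk, so this is inferred, but if it is a plain `sPinBlacklist.contains(pin)`, a pattern check beside it would close part of the gap, for example `pin.matches("(\\d)\\1+")` to reject a single repeated digit at any length. The comment above the list could also say that the entries are extrapolated from four-digit statistics rather than measured six-digit frequencies, so nobody reads the set as a real top 20. Separately, the field could be declared `private static final Set<String>` so that the reference cannot be reassigned at runtime.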


@ -791,7 +791,7 @@
<string name="create_key_yubi_key_pin_repeat">"Repeat PIN"</string>
<string name="create_key_yubi_key_pin_not_correct">"PIN is not correct!"</string>
<string name="create_key_yubi_key_pin_too_short">"PIN must be at least 6 numbers long!"</string>
<string name="create_key_yubi_key_pin_insecure">"Please choose a secure PIN, not 000000, 123456 or similar combinations."</string>
<string name="create_key_yubi_key_pin_insecure">"Please choose a secure PIN, not 000000, 123456 or similar combinations (the top 20 most chosen PINs are not allowed)"</string>
<!-- View key -->
<string name="view_key_revoked">"Revoked: Key must not be used anymore!"</string>