U tweetove putem weba ili aplikacija drugih proizvođača možete dodati podatke o lokaciji, kao što su grad ili točna lokacija. Povijest lokacija tweetova uvijek možete izbrisati. Saznajte više
In practice (given the apparent limitations of current iOS attacks) it’s probably fine to use an alphanumeric passcode. It may be very secure. The real question is whether it’s worth the hassle of using the non-numeric keypad.
So in summary: random (long) numeric passcodes may be a more ergonomic choice for a given security level, especially if you force yourself to memorize the thing over a week or two (even if that involves carrying a post-it during that time.) But do whatever works for you.
Honestly, this is why I still prefer a (rooted) Android phone where you can set a long FDE passphrase and a simpler unlock passphrase. If you shut the thing down the key material is gone unless you can crack a long scrypted passphrase.
I understand the trade-offs Apple is making with their more complex security implementation (and Android is moving in that direction with file-based crypto) but I'd rather have a much simpler to analyze FDE approach.
Muscle memory probably kicks in quite quickly with that pin pad, whereas I actually have to memorize my PIN code (because my phone randomizes the pin pad). Although I use a separate encryption passphrase from the lock screen PIN at the moment.
I suppose that if the passcode was sufficiently long, that information "leak" wouldn't even matter.
what works for me as an iphone passphrase is the first letters of the words in some obscure poem. but, yes, the keyboard sucks. for the mac et alia, you might be amused byhttps://github.com/randyqx/public/blob/master/yubikey-static.md …
Agreed. Great analysis. How long until Apple buys a GrayKey device and just patches the hole?
They seem to be very selective about who they sell to. Apple would have to get some police or intelligence agency to purchase one on their behalf somehow...
Verifiers SHOULD NOT impose other composition rules (e.g., requiring mixtures of different character types or prohibiting consecutively repeated characters) for memorized secrets. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63b.pdf …
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
)
