Docs

Guides

Blog

Tools

Token2 FIDO2 PIN+: See the PIN Complexity in action

In today's world, where cybercrime is on the rise and data breaches are becoming increasingly common, it's more important than ever to protect sensitive data with strong authentication mechanisms. However, many security keys available on the market today only enforce PIN length, but not complexity. For example, even a FIPS-certified security key might only require a minimum PIN length of 6 digits, without any restrictions on the choice of numbers. This can lead to users choosing easily guessable PINs such as 111111 or 123456, which can compromise their security.  That's where the Token2 FIDO2 PIN+ Series comes in. It is designed to enforce strong PIN complexity at the firmware level, which goes beyond the current FIDO2 standards that only define enforcing PIN length and not complexity. This ensures that users cannot choose weak, easily guessable PINs that could be easily compromised.
PIN+ keys implement specific complexity rules for both numeric and alphanumeric PINs. Here are the rules explained:


For numeric PINs:

  • The minimum length of the PIN must be 6 digits. It can be increased using a tool, but it cannot be decreased. The lowest possible minimum length is 6 digits.
  • Sequential numbers in ascending or descending order are not allowed. For example, 123456 or 654321 are not valid PINs. Similarly, repeated digits like 111111 are also not allowed.
  • "Mirror" or palindrome numbers such as 321123 or 69233296 are not allowed.
  • There should not be more than 3 repeating digits out of the 6 digits. For instance, 111123 or 990000 are not permitted.

For alphanumeric PINs:

  • The minimum length of the password must be 10 characters.
  • The password must contain characters from at least two of the following four categories:
  • Uppercase characters A-Z (Latin alphabet)
  • Lowercase characters a-z (Latin alphabet)
  • Digits 0-9
  • Special characters (!, $, #, %, etc.)

These groundbreaking FIDO2 keys offer enhanced PIN complexity rules, surpassing even competitors with FIPS certification. 

PIN Complexity Checker

The tool below emulates the complexity check implemented on our PIN+ firmware (numeric only). You can enter a numeric PIN to see if it meets the specified complexity requirements.