PIN complexity recommendations for FIDO2 keys

Hello dear community, long time lurker here.

I think an interesting subject would be to discuss pin complexity rules for fido2 keys.

Contrary to passwords and passphrases, FIDO2 FIPS requires a minimum of 6 digits and normal security keys 4 digits.

Alphanumeric ones require a minimum of 10. This is, though, as far as it goes. What are safe recommendations? In terms of bits, how strong should a PIN be?


It’s generally safer to use a shorter PIN here, because you need physical access to the key already to enter the PIN, but if you’re worried about key theft then you should account for all the usual requirements for a regular password (>= 16 characters, generally).

In light of the specific threat model under consideration, I generally advise utilizing an 8-digit alphanumeric PIN for the FIDO2 function. Furthermore, for the OATH-TOTP function, if employed, a conventional 16-digit (or longer) password or passphrase is recommended. This password/passphrase should be easy to memorize.

Should you not be affected by any particular threat, the length of your PIN may be reduced. However, if you are exposed to a high risk of physical threats, such as theft, it is prudent to consider using a conventional password or passphrase for the FIDO2 function as well, as @jonah suggested.


From a threat model perspective I see three cases: a random person finding the key, a curious burglar and a targeted attack.

My reasoning is that there are 8 attempts and the adversary does not know how many attempts deep one is. Another one is that this mechanism is intended to facilitate and simplify logins. If the PIN is as long and complex as a password, while being more secure but more cumbersome to use, it definitely does not invite its usage.

Does anyone know the rationale behind FIPS or Windows Hello password requirements?

I would welcome anyone to share more insights and sources for PIN sizing and the rationale.

Right now it seems that FIPS and Windows Hello are the main references for minimum length.
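A worked calculation for the two questions raised in this thread, how many bits a PIN of a given length carries and how far the 8-attempt retry counter protects it, as an added example that is not from any poster; the 62-symbol alphanumeric alphabet and the 10^-6 target probability are assumptions.

```python
import math

# Alphabet sizes assumed for the PIN types discussed above (assumption:
# "alphanumeric" means a-z, A-Z and 0-9; "digits" means a numeric keypad).
ALPHABETS = {"digits": 10, "alphanumeric": 62}

# Retry budget before the key locks its PIN, as stated in the thread.
PIN_RETRIES = 8


def pin_entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of a uniformly random PIN drawn from alphabet_size symbols."""
    return length * math.log2(alphabet_size)


def guess_success_probability(alphabet_size: int, length: int,
                              attempts: int = PIN_RETRIES) -> float:
    """Probability that someone holding the key guesses a uniformly random PIN
    before the retry counter locks it (each failed guess rules out one candidate,
    so `attempts` distinct guesses cover exactly `attempts` points of the keyspace)."""
    keyspace = alphabet_size ** length
    return min(attempts, keyspace) / keyspace


def min_length_for_target(alphabet_size: int, max_probability: float,
                          attempts: int = PIN_RETRIES) -> int:
    """Smallest PIN length whose guess-success probability under the retry
    limit is at most max_probability."""
    length = 1
    while guess_success_probability(alphabet_size, length, attempts) > max_probability:
        length += 1
    return length


def main() -> None:
    print(f"{'type':<13}{'len':>4}{'bits':>8}{'P(guess in 8)':>16}")
    for name, size in ALPHABETS.items():
        for length in (4, 6, 8, 10):
            bits = pin_entropy_bits(size, length)
            p = guess_success_probability(size, length)
            print(f"{name:<13}{length:>4}{bits:>8.1f}{p:>16.2e}")
    for name, size in ALPHABETS.items():
        print(f"{name}: {min_length_for_target(size, 1e-6)} symbols keep "
              f"P(guess) <= 1e-6 within {PIN_RETRIES} tries")


if __name__ == "__main__":
    main()
```

The table shows why the retry counter, not raw entropy, dominates with the key in hand: a 6-digit PIN is under 20 bits yet an attacker's 8 tries succeed with probability 8e-6.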