It would be nice to have the option of using the ring and a PIN or some other non-physical token. There are complicated reasons that someone might want to do this but it affects the USA 5th ammendment and what someone there can be compelled to do. Plus it'd kinda be neat.
After a number of invalid PIN guesses, I'd like to write the service to lock / invalidate the encrypted credential and force the use of the original username and password. This way finding someone's token doesn't automatically grant access.
It would be nice to have the option of using the ring and a PIN or some other non-physical token. There are complicated reasons that someone might want to do this but it affects the USA 5th ammendment and what someone there can be compelled to do. Plus it'd kinda be neat.
After a number of invalid PIN guesses, I'd like to write the service to lock / invalidate the encrypted credential and force the use of the original username and password. This way finding someone's token doesn't automatically grant access.