Q: Which of the following are critical flaws of PIN entry WPS authentication with a hard-coded PIN?
or
Q: What are the main drawbacks of using a hard-coded PIN for PIN entering WPS authentication?
- There is a one-minute lockout period after three incorrect PIN attempts.
- It uses an 8-digit pin, which is made of 7 digits and one checksum value, and sends it in two parts. This means it takes a maximum of 11,000 tries to guess the PIN.
- It allows for the secure exchange of the SSID and the pre-shared key.
- The hard-coded PIN can never be reset, so if it is recovered by a hacker it can be reused to recover the new password.
Explanation: If the PIN is compromised, it can be used to access the network until it is manually changed or replaced, posing a security risk.
