Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 10:13 am

All times are UTC + 1 hour




Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: Wed Jan 06, 2016 4:38 pm 
Offline

Joined: Wed Jan 06, 2016 4:20 pm
Posts: 1
Hi,

since yesterday I'm a new prod owner of a Yubikey 4 and I've got directly a question where I've found no answer in google.
I remember that when I've made my first steps in the Yubikey configuration that the PIN retry counter was 3 3 3.
Now, after a lot of configuration changes and some blocked PINs and PUKs the numbers are on 3 0 3.
I've followed the instructions here (https://developers.yubico.com/yubico-pi ... ction.html) to reset PIN and PUK but that have no influence on the middle number. Can someone explain me which number is standing for what?

Code:
C:\>gpg2 --card-status
Application ID ...: D2760001240102010006041313600000
Version ..........: 2.1
Manufacturer .....: Yubico
Serial number ....: 04131354
Name of cardholder:
Language prefs ...:
Sex ..............:
URL of public key :
Login data .......: [nicht gesetzt]
Signature PIN ....: nicht zwingend
Key attributes ...: 4096R 4096R 2048R
Max. PIN lengths .: 127 127 127
PIN retry counter : 3 0 3
[...]


BR Christian


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Tue Jan 19, 2016 12:02 am 
Offline
Yubico Team
Yubico Team

Joined: Thu Oct 16, 2014 3:44 pm
Posts: 349
The NEO will show 3 3 3, while the YubiKey 4 will show 3 0 3. This is expected behavior. The second number isn't actually used anywhere.

======================================================

PIN retry counter
This field saves how many tries still are left to enter the right PIN. They are decremented whenever a wrong PIN is entered. They are reset whenever a correct AdminPIN is entered. The first and second PIN are for the standard PIN. gpg makes sure that the two numbers are synchronized. The second PIN is only required due to peculiarities of the ISO-7816 standard; gpg tries to keep this PIN in sync with the first PIN. The third PIN represents the retry counter for the AdminPIN.

source - https://www.gnupg.org/howtos/card-howto/en/ch03.html


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group