Comment Re:Is Haselton going to jail? (Score 1) 187
How you test for a brute-force vector without conducting a full brute force attack:
Hey, United, I was able to try 10 user/PIN combinations within 30 seconds of each other and did not hit any timeout walls or seeming account blocks. I was also able to directly use my real account/PIN combination on the 11th attempt that I manually did 5 seconds later and was able to get full access to my account. You might want to take a look at this to make sure that on a proper brute-force scale you're not caught with your pants down.