1. tickerguy's Avatar

    One problem I've discovered in the Priv implementation that's actually kind of serious.

    If you load anything into the phone's certificate store (like, for instance, a VPN machine certificate or a private CA) the phone enforces the use of a PIN, pattern lock or alpha password.

    That's right -- it won't let you use Picture Password, but will allow 4-digit PIN, which is far less secure.

    Once you do that the only way out of the box is to delete all the credentials, which releases the OS-level lock on what sort of screen security you can have.

    This is a kinda-serious problem as Picture Password is definitely better than a 4-digit PIN and almost-certainly better than a swipe pattern (even if you do it poorly.)

    BlackBerry needs to fix this; loading a machine certificate is part of good management practice for VPN use, and to force people off the Picture Password (which is likely to lead them to use a 4-digit pin or a weak alpha string) is very, very bad.
    11-12-15 10:17 AM

Similar Threads

  1. WFC apparently does work on unlocked Priv.
    By scrannel in forum General Carrier Discussion
    Replies: 7
    Last Post: 11-20-15, 09:57 AM
  2. Priv protection plan
    By djenks76 in forum BlackBerry Priv
    Replies: 14
    Last Post: 11-16-15, 12:42 AM
  3. Device storage almost full problem
    By Emaderton3 in forum BlackBerry 10 OS
    Replies: 2
    Last Post: 11-12-15, 04:30 PM
  4. BlackBerry Priv to be officially available in Hong Kong mid-November for HK$6,488
    By CrackBerry News in forum CrackBerry.com News Discussion & Contests
    Replies: 0
    Last Post: 11-12-15, 10:00 AM
  5. Tmo WFC on Priv?
    By crackberry_geek in forum BlackBerry Priv
    Replies: 10
    Last Post: 11-12-15, 09:54 AM