Require a1b2c3 or password after PIN failures before device wipe
If your device has a PIN requirement that will wipe the device after N failures (like when using Exchange), challenge the user intervene with something like the Windows Mobile style a1b2c3 or the exchange password before wiping the phone. The current system makes it super trivial for a child or pants-dial to inadvertantly wipe the contents of the phone.
Just had this happen to me. I thought it was a virus since it happened in the morning on my first try to open the phone. I couldn't even enter a password--took me straight to this "Incorrect Password" screen. I have no idea when or how this happened...it worked fine right before I went to bed. So, I call Nokia. Nokia support had no clue where this message came from or if it was legit. They had me soft reset it first. No good. Then had me hard reset the phone. The phone would never come back from the spinning gears. So, they are replacing the phone--in three days. Very frustrating!!
I must have forgotten to turn my phone off before putting in my pocket a couple of times. I take the phone out to find the A1B2C3 challenge and then hope for no key bounce when entering the password, else I lose everything. It is a MASSIVE security flaw to declare anyone attempting to hack your phone exactly how many digits are contained in the password. Easy solutions to accidental pocket key presses:
a) Require Enter after entering password. Only count correct length attempts to count towards blocking. This also solves the key bounce / wrong password issue that is especially important when having your "last go".
b) Lock phone after wrong entries, requiring power button to be pressed, so that repeated wrong passwords can't happen in your pocket.
Peter Jantunen commented
Just got my phone erased. This feature sucks. Even after the a1b2c3 question the phone should not be wiped. Allow additional attempts or require remote unlocking procedure or require PUK code.
With children at home this is a must. If not, kid zone makes no sense....
This was in WP7.5 and is in WP8. In WP8 they changed it to show up after 4 wrong pin/password attempts, where it used to be like 8 so it never showed up before phones got wiped by EAS policies.
John Gardner (Microsoft) commented
I've heard (but cannot verify) that this is implemented in WP8. It hasn't been updated here, probably because it only has 233 votes?
One big black point for now, is that the phone do not ask to validate the code entered. Each time the number of digit of configured PIN is reached, the entered code is check against the configured one....
Beside the annoying problem of children entering wrong codes unintentionally, there is a security trick : anyone can easily know then length of the PIN code...
It's happened to my phone at least 5 times, due to sharing my phone with children to play games.
Paul Harfield commented
Great feature that we used to have
Keith Hanna commented
yep, one more with the baby wipe! :(
a1b2c3 only delays a phone wipe. just get rid of the wipe feature or alow the user to enable via settings.
Any feature that prevents children from whiping the phone would help a lot!!!!
qhat a ridiculous idea. dont do this. stupid.
Exactly!!!! WHO THE HECK DID DESIGN THAT???? I've just got my phone wiped!!! Windows Mango is a piece of JUNK! That's it. I'm done with that junk...
i absolutely hated this feature in windows mobile 6.5, but i'll have it back any day over my 2 year old wiping my phone for the 4th time. This and/or back up is a must have. May I suggest though aAbBcC so that you don' thave to shift over to the number keys and back to enter this key sequence(too tough to enter while driving!)
My 2-year old also wiped my phone due to this. You HAVE to do something about this 'feature'. It does not make my phone more secure - it just causes hassle and lost data!
please bring this back. my son just accidentally wiped my phone and what a pain.
I have had my phone wiped 3 times now with WP7. Please bring back a1b2c3!
I also like having a delay time from the last-failed-attempt to the wiping.
Without this I only have half a phone, I can't use if for any work purposes because I know it will eventually be wiped.
Andy Seres commented
Both my wife and I have had our phone wiped by curious fingers...