Quick unlock - first few characters of password Vs. PIN

Not open for further replies.


New member
Apr 25, 2019
Is there a requirement that the quick unlock uses the first few characters of the password or is this an arbitrary decision. Can an alternate SQRL client use a PIN instead? It would be great if the SQRL client allowed the user to use a PIN instead of the first few characters of the password as the quick unlock code.


Well-known member
May 20, 2018
SQRL clients are free to use whatever alternatives they want. The Android client uses the fingerprint reader (if available), for example. But I don't see the advantage in using a PIN. At best, it would be just as secure as the first few characters of the password if those first few characters were numbers; otherwise, it'd be less secure.


Staff member
May 6, 2018
@Digitoxin :

SQRL's client "QuickPass" (we've officially renamed it) is not part of the underlying SQRL spec. So, yes, clients are free to do whatever they please.

However, using a separate PIN would be tricky, since it would need to be protected by encrypting it inside the user's identity so that the only way to access it would be by decrypting the identity using their full password. This would require an extension of the SQRL identity storage format which would break all existing clients. And it also significantly complicates the user interface and user experience.

Could you explain why you think that a PIN would be superior?? I don't see any advantage. :)

Vela Nanashi

Well-known member
May 19, 2018
Hey Paul that was what I was going to suggest too, after reading op, but I decided read the rest, someone has to have that idea, and you did :)
Not open for further replies.