GOOGLE'S Android engineering team has introduced a significant security update in Android 17, instituting stricter rate limits on how many PIN entry attempts a user can make. Previously, Android 16 allowed up to ten attempts in a minute and gradually increased to 110 attempts within a day. In contrast, Android 17 limits users to five attempts per minute and imposes progressively lower limits across different time frames, with a lockout after twenty consecutive incorrect attempts.
This update aims to deter thieves who exploit simplistic PINs. Any repeated incorrect PIN entry only counts as one failure, preventing rapid lockout, and the interface for lockout messages has been improved to present clearer wait times.