securityonline.info 7/1/2026, 12:26:38 PM · external

Android 17 tightens PIN attempt limits to thwart thief attacks

Android 17 tightens PIN attempt limits to thwart thief attacks
CyberSIXT Evidence Panel Source marked as original reporting

GOOGLE'S Android engineering team has introduced a significant security update in Android 17, instituting stricter rate limits on how many PIN entry attempts a user can make. Previously, Android 16 allowed up to ten attempts in a minute and gradually increased to 110 attempts within a day. In contrast, Android 17 limits users to five attempts per minute and imposes progressively lower limits across different time frames, with a lockout after twenty consecutive incorrect attempts.

This update aims to deter thieves who exploit simplistic PINs. Any repeated incorrect PIN entry only counts as one failure, preventing rapid lockout, and the interface for lockout messages has been improved to present clearer wait times.

View full article

Article by CyberSIXT