From 4b85f49d3feb4173c3a58364f70ac692d6dab0f1 Mon Sep 17 00:00:00 2001 From: Token2 <6784409+token2@users.noreply.github.com> Date: Tue, 9 Jun 2026 16:28:33 +0200 Subject: [PATCH] Document security limitations of command-line PIN usage Added a section on security limitations regarding command-line PIN parameters. --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 62443d3..3b0cc1e 100644 --- a/README.md +++ b/README.md @@ -97,6 +97,8 @@ For example, the following command should be used to set a PIN on a new device: ./fido2-manage.sh -setPIN -device 1 ``` +### Security Limitations of Command-Line PIN parameter ### +Due to limitations of command-line applications, sensitive parameters such as PINs may be exposed to other local users through process inspection mechanisms. Use fido2-manage only on systems where you have exclusive access and do not run it on shared or multi-user environments. ### Changes ### The changes implemented in our fork differ from the original code in the following ways:
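Review bot: The new "Security Limitations of Command-Line PIN parameter" section never names which option or invocation actually puts the PIN on the command line, so a reader cannot tell which commands are affected; the example directly above it, `./fido2-manage.sh -setPIN -device 1`, passes no PIN at all. Name the affected parameter in the added paragraph and say whether a form exists that avoids supplying the PIN as an argument. The recommendation "Use fido2-manage only on systems where you have exclusive access" is also wider than the risk described in the sentence before it, which concerns only PINs passed as arguments and visible through process inspection; scoping the advice to those invocations would keep it accurate without discouraging use of commands that take no PIN. Minor style point: the heading mixes title case with a lowercase "parameter", and "do not run it on shared or multi-user environments" reads better as "in shared or multi-user environments".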