I wanted to test out how far an user can go on managing settings and Smartlocks in the Nuki App. I received an invitation code from the main phone that manages a Nuki Smartlock. I noticed that I could delete users and permissions just by entering a 4 digit code, which could lead to a potential security breach due to the fact that it has a little number of total possible combinations (compared to other methods), and even if after five unsuccesful attempts it does not allow to enter codes temporarily, this does not last for a long period of time. Is there any way to make this safer by managing who can access the users or device settings, or by any other method?
1 Like
Related thing: using Android app, I removed my own access to a lock, being the only user, then I could not control the lock anymore even on web and needed to hard reset it and add as new.
I just wanted to disable remote unlocking for my account, and rather I removed own access. Not nice.
No. The code defines who has access rights and who not. On 5G devices the code is 6 digit. See here for more information: https://help.nuki.io/hc/en-001/articles/4407702320017-Security-code
This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.