[8ytecoder]

And add other defensive mechanisms like lockout after n retries.

[mmis1000]

Unless you are using a hardware based pin. Lockout is useless. I can just backup the file before lockout and restore

Or… I can just stop the software, change computer time. And the timeout is over.

[sowbug]

That's a bit like putting a website password check in the client-side JavaScript. Attacker removes lockout, continues brute-forcing.

There really isn't a solution if the entropy is low and the enforcement mechanisms are in the hands of the attacker. Even a TPM or secure element is just a financial obstacle to a sufficiently motivated attacker.

[cryptonector]

> Even a TPM or secure element is just a financial obstacle to a sufficiently motivated attacker.

For sure, but currently it's a fairly big step function for an attacker to have to teardown a TPM (or find a vulnerability in its firmware).