-1

Can we change passkey (4 digit pin) in Bluetooth Low Energy? How to change it programmatically ? FYI : I using sensortag cc2650 and https://github.com/don/cordova-plugin-ble-central

Susy Valentina Rahardjo
  • 312
  • 1
  • 5
  • 21
  • Please take a quick [tour](http://stackoverflow.com/tour) and [learn how to ask](http://stackoverflow.com/help/how-to-ask) – imTachu Feb 02 '17 at 10:26

1 Answers1

0

No, it's generated by the internal bluetooth stack. By the way it is 6 digits, not 4. You shouldn't change it anyway since it should be a randomly generated code. The standard says:

If the IO capabilities of a device are DisplayOnly or if Table 2.8 defines that the device displays the passkey, then that device shall display a randomly generated passkey value between 000,000 and 999,999.

If you don't need a code you should use the "Just Works" pairing method.

Why would you like to change the code?

Emil
  • 16,784
  • 2
  • 41
  • 52
  • in this case, pin that I mean is 0000 or 1234. Is that same with 6 digits that you mean?what is "just works" pairing method? I'm new in ble programming.. I want to change pin periodical, so user can change pin / password by his/her own.. – Susy Valentina Rahardjo Feb 03 '17 at 06:18
  • I think you have misunderstood the concept. There is no password-protecting mechanism in the BLE standard for "login to a device". The code you are talking about is not a pin (personal identification number) nor a password but a one-time passkey that is used to protect attackers against MITM-attacks. If you set the passkey to the same everytime (which some non-conformant firmwares might do, such as the default sensortag firmware maybe), there is basically no security at all due to how the protocol is constructed. Just Works pairing means there is no passkey needed in order to pair the devices. – Emil Feb 03 '17 at 10:20
  • May I ask what you want to achieve and what you are trying to create? – Emil Feb 03 '17 at 10:21
  • oh i see. I want to make location detected and user can write data to beacon. User who want to write and read data must enter password first. – Susy Valentina Rahardjo Feb 05 '17 at 02:47
  • Ok. Is it meant that only a few users that "have the password" should be able to interact with it, and external users that don't have the password should not be able to interact with it? – Emil Feb 05 '17 at 16:28
  • 1
    Bluetooth Low Energy does not provide any solution to this in its specification (not even with LE Secure Connections). You will have to add this kind of security yourself, just as when you set up a website over http if you need a user to login. You'll probably want something like https://en.wikipedia.org/wiki/Password-authenticated_key_agreement. – Emil Feb 06 '17 at 10:10