From b81cd7dd062018226bf97ac87420eba909f89741 Mon Sep 17 00:00:00 2001
From: Saivann <saivann@gmail.com>
Date: Thu, 11 Dec 2014 13:11:36 -0500
Subject: [PATCH] Allow for PIN login with aggressive lock-out (thanks gurnec)

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 5274d4ff..16d2219c 100644
--- a/README.md
+++ b/README.md
@@ -270,8 +270,8 @@ Basic requirements:
 - Website supports HTTPS and 301 redirects HTTP requests
 - SSL certificate passes [Qualys SSL Labs SSL test](https://www.ssllabs.com/ssltest/)
 - The identity of CEOs and/or developers is public
-- If private keys are stored online:
-  - Refuses weak passwords (short passwords and/or common passwords)
+- If private keys or encryption keys are stored online:
+  - Refuses weak passwords (short passwords and/or common passwords) used to secure access to any funds, or provides an aggressive account lock-out feature in response to failed login attempts along with a strict account recovery process.
 - If user has no access over its private keys:
   - Provides 2FA authentication feature
   - Reminds the user to enable 2FA by email or in the main UI of the wallet