This allows attackers to bypass the card’s security delay mechanism after failed authentication attempts, enabling them to try approximately 2.5 passwords per second, significantly accelerating the time to crack passwords, especially weak ones. The vulnerabilities cannot be patched on existing cards because they’re not upgradable. Users are advised to use strong passwords (at least 8 characters with a mix of digits, letters, and symbols).