I did think about this and considered making it so you had to enter the old PIN before changing it. The problem here is that if you forget the PIN, you can bypass it but then wouldn't be able to change it. To be honest, you shouldn't be walking around with your OTP on your SD card anyway so this problem should never occur. If you're bypassing the PIN, you should then be changing it and immediately deleting the OTP anyway. If you leave it on the SD card, 3DSafe becomes pointless whether you can change the PIN or not.
@gamesquest1 @metroid maniac @ghostpotato @Skyshadow101
I hope you don't mind me tagging you all, but you were all kind enough to report back your test results. Before going to 1.0, I've just uploaded one more beta version. If you could give this a try I would really appreciate it. This version removes the OTP bypass and replaces it with SHA bypass. So, if you could try the following and let me know the outcome I would be really grateful:
- Update to 3DSafe 0.11
- Put otp.bin on the root of your SD card and verify that it no longer bypasses the PIN lock
- Enter 3DSafe settings
- Press L to dump the sha.bin to the root of your SD card
- Reboot your 3DS and check it bypasses the PIN lock
- Delete sha.bin from the SD card, reboot, and ensure the bypass no longer occurs
If you could let me know about each of those steps and whether each worked I would really appreciate it.