Security

Password Protection

<\/script>\n
'; }, get iframeSnippet() { const domain = '{ SITE_DOMAIN }'; const type = '{ embed_type }'; const slug = '{ embed_slug }'; return ''; }, get activeSnippet() { return this.method === 'script' ? this.scriptSnippet : this.iframeSnippet; }, copySnippet() { navigator.clipboard.writeText(this.activeSnippet).then(() => { this.copied = true; setTimeout(() => { this.copied = false; }, 2000); }); } }" @keydown.escape.window="open = false" @click.outside="open = false">

Embed This Widget

Theme


      
    


    
    

      Widget powered by
      .
      Free, no account required.
    

  





    
    

      
A basic access control mechanism using a 32-bit password to restrict read/write access to specific memory areas. Used in NTAG 21x and MIFARE Ultralight EV1 chips. The password is transmitted in plaintext, making it vulnerable to eavesdropping.

    


    
    
    

      Also known as:
      
      password protection
      
      32-bit password
      
    

    
  


  




  
  

    
Password Protection


Password protection is a basic access control mechanism in NFC tags that uses a
fixed-length password to restrict read and/or write operations on specified
memory blocks. The password is a 32-bit (4-byte) value
stored in a configuration page of the tag, and a reader must transmit this password
using the PWD_AUTH command before accessing protected memory areas. While simple to
implement, password protection has significant security limitations compared to
cryptographic authentication.


Implementation in NTAG 21x


In NTAG 213, NTAG 215, and
NTAG 216, password protection is configured through three
parameters:


    

  • PWD (Password): A 4-byte value stored in the chip's configuration pages
  (page 43 for NTAG 213, page 133 for NTAG 215, page 229 for NTAG 216).
    • 

  • PACK (Password Acknowledge): A 2-byte value the tag sends back upon successful
  authentication. Allows the reader to verify it is talking to the expected tag.
    • 

  • AUTH0: The page address from which password protection begins. Pages before AUTH0
  remain freely accessible. For example, setting AUTH0 = 4 protects all
  user memory pages; setting AUTH0 = 10 leaves pages 4-9
  unprotected.
    • 



Access control modes:
- Write-only protection (PROT bit = 0): Reading is always allowed; writing to protected
  pages requires authentication.
- Read-and-write protection (PROT bit = 1): Both reading and writing require
  authentication.


Security Limitations


Password protection has critical weaknesses that make it unsuitable for
security-sensitive applications:


    

  1. Plaintext transmission: The 32-bit password is sent from reader to tag without
   encryption over the RF field. An attacker with an NFC sniffer
   can capture the password from the air interface.
    2. 

  2. Small keyspace: A 32-bit password has only 4.3 billion possible values — feasible
   to brute-force with dedicated hardware, though NTAG chips limit authentication
   attempts (AUTHLIM counter) to slow down attacks.
    3. 

  3. No session keys: After authentication, subsequent commands are not encrypted.
   The session is vulnerable to replay and man-in-the-middle attacks.
    4. 

  4. Static credential: The password does not change between sessions, so a captured
   password grants permanent access.
    5. 



When to Use Password Protection


Despite its limitations, password protection is appropriate for:


    

  • Write protection of publicly readable data: Preventing unauthorized overwrites of
  NDEF URLs on marketing tags while keeping the content freely
  readable. Eavesdropping risk is low because the protected content is public.
    • 

  • Low-value access gating: Fitness badges, simple loyalty cards, or internal asset
  labels where the threat model does not include sophisticated RF attacks.
    • 



For security-critical applications (payments, brand protection, access control), use
AES encryption and mutual authentication
via chips like NTAG 424 DNA or MIFARE DESFire EV3.

  

  

  
  
  




  
  
Related Terms

  

  

    
    Mutual Authentication
    
    Authentication
    
    Access Control Bits
    
  





  

  
  

  
  

  
  
  

    
Related Content

    

      
      
        

          
          
NFC Tag Types Explained

          
          Getting Started
          
        

        
        
      
      
      
        

          
          
NFC Chips Compared

          
          Getting Started
          
        

        
        
        
…(NTAG213) to 888 bytes (NTAG216). Security is limited to a 32-bit password and lock-bits . NTAG DNA and NTAG 424 add aes-encryption…

        
      
      
      
        

          
          
NFC for Beginners: Your First Project

          
          Getting Started
          
        

        
        
        
…writing using the NDEF Message Encoder . Next Steps Add password protection: NFC Tools → Write → Security → Password Lock the tag…

        
      
      
      
        

          
          
NFC Troubleshooting Guide

          
          Getting Started
          
        

        
        
      
      
      
        

          
          
Python NFC Programming Guide

          
          Programming
          
        

        
        
        
…response: {response.hex()}") return False NTAG Password Protection def set_password(tag): if not isinstance(tag,…

        
      
      
      
        

          
          
NFC Security Deep Dive

          
          Security
          
        

        
        
      
      
      
        

          
          
NFC in Healthcare

          
          Industry
          
        

        
        
      
      
      
        

          
          
NFC Write Failures and Recovery

          
          Troubleshooting
          
        

        
        
      
      
    

  

  

  
  




  
Frequently Asked Questions


  

    
    

      
      

        
The NFC glossary is a comprehensive reference of technical terms, acronyms, and concepts used in Near Field Communication technology. It is designed for developers, product managers, and engineers who work with NFC and need clear definitions of terms like NDEF, APDU, anti-collision, and ISO 14443.

      

    

    
    

      
      

        
Each glossary term is cross-referenced with related NFC chips, standards, and other terms. For example, the term 'AES-128' links to chips that support AES encryption (NTAG 424 DNA, DESFire EV2/EV3), and the term 'ISO 14443' links to all chips compliant with that standard.

      

    

    
    

      
      

        
Yes. NFCFYI provides glossary definitions in 15 languages including English, Korean, Japanese, Chinese, Spanish, Portuguese, Hindi, Arabic, French, Russian, German, Turkish, Vietnamese, Indonesian, and Thai. Use the language selector in the header to switch languages.