Which of the following are critical flaws of PIN entry WPS authentication with a hard$-$coded PIN?

$1$ point

The hard$-$coded PIN can never be reset, so if it is recovered by a hacker it can be reused to recover the new password.

There is a one$-$minute lockout period after three incorrect PIN attempts.

It uses an $8$ digit pin, which is made of $7$ digits and one checksum value, and sends it in two parts. This means it takes a maximum of $11,000$ tries to guess the PIN.

It allows for the secure exchange of the SSID and the pre$-$shared key.

$6.$