btusername

the problem I can forsee with the lock/unlock feature is this. Attacker finds a secret key that has been locked (he finds the key and some kind of even occurs). Attacker now knows hes found something worth looking into. Attacker spoofs his IP address, uses TOR, or whatever method to bypass an IP blocklist as puprosed in the past for this lock/unlock setup. Attacker then sets up a system to continue to test this secret, or saves it for testing in the future. A much better solution to this problem would have been to implement a PGP or GPG solution where there is a private and public key.