The current implementation of hsm-util login uses getpass(). This is obsolete so the suggestion is to replace this with a local method that obtains the PIN from the user. It is further suggested that this use stdin to support scripting and regression testing.