The Code Security Module Documentation has two statements:
1- "Do not use 128 bits of all zeros as the password. This automatically secures the device, regardless of the contents of the KEY register. The device is not debuggable nor reprogrammable."
2- "If a device is reset while the password locations are all zero or an unknown value, the device will be permanently locked unless a method to run the flash erase routine from secure SARAM is embedded into the flash or OTP."
Does this mean that, even though the 128 bits password are all zeros, a "dedicated" bootloader programmed on flash and running on secure SARAM can still reprogramm the flash ?
Is my understanding right ?Thank you for your attention.