Passwords - A Bad Mnemonic System
Jump to navigation
Jump to search
Guess we have a pin number: 3401, this number is coded in the following scheme with a word, let's say c-r-a-p supposed to be an easy reminder.
___0______1______2______3______4______5______6______7______8______9__ | | | | | | | | | | | | | | | C | | | | | | | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | | | | | R | | | | | | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | A | | | | | | | | | | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | | P | | | | | | | | | |______|______|______|______|______|______|______|______|______|______|
In the next step all the blank fields are filled up with random characters.
___0______1______2______3______4______5______6______7______8______9__ | | | | | | | | | | | | F | I | W | C | K | N | O | E | S | Y | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | H | F | V | O | R | G | T | D | F | U | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | A | G | E | L | P | H | M | D | A | C | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | T | P | F | O | M | W | Z | K | S | K | |______|______|______|______|______|______|______|______|______|______|
Conclusion: This is really a bad mnemonic system for bank PINs. The odds sank from 1 in 3000 to 1 in 8 (if three attempts are allowed), because there are only about 20-30 words in the whole scheme.
Some banks allow customers to use their own pins and it is believed that about a third uses a birthday.
Back (Design Errors) | Table of Contents | Next (System Issues)