Passwords - A Bad Mnemonic System: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
(6 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Guess we have a pin number: 3401, this number is coded in the following scheme with a word, let's say ''c-r-a-p'' |
Guess we have a pin number: 3401, this number is coded in the following scheme with a word, let's say ''c-r-a-p'' supposed to be an easy reminder. |
||
<pre> |
|||
___0______1______2______3______4______5______6______7______8______9__ |
___0______1______2______3______4______5______6______7______8______9__ |
||
| | | | | | | | | | | |
| | | | | | | | | | | |
||
| | | | C | | | | | | | |
| | | | C | | | | | | | |
||
|______|______|______|______|______|______|______|______|______|______| |
|______|______|______|______|______|______|______|______|______|______| |
||
| | | | | | | | | | | |
| | | | | | | | | | | |
||
| | | | | R | | | | | | |
| | | | | R | | | | | | |
||
|______|______|______|______|______|______|______|______|______|______| |
|______|______|______|______|______|______|______|______|______|______| |
||
| | | | | | | | | | | |
| | | | | | | | | | | |
||
| A | | | | | | | | | | |
| A | | | | | | | | | | |
||
|______|______|______|______|______|______|______|______|______|______| |
|______|______|______|______|______|______|______|______|______|______| |
||
| | | | | | | | | | | |
| | | | | | | | | | | |
||
| | P | | | | | | | | | |
| | P | | | | | | | | | |
||
|______|______|______|______|______|______|______|______|______|______| |
|______|______|______|______|______|______|______|______|______|______| |
||
</pre> |
|||
---- |
---- |
||
In the next step all the blank fields are filled up with random characters. |
|||
<pre> |
|||
___0______1______2______3______4______5______6______7______8______9__ |
___0______1______2______3______4______5______6______7______8______9__ |
||
| | | | | | | | | | | |
| | | | | | | | | | | |
||
| |
| F | I | W | C | K | N | O | E | S | Y | |
||
|______|______|______|______|______|______|______|______|______|______| |
|______|______|______|______|______|______|______|______|______|______| |
||
| | | | | | | | | | | |
| | | | | | | | | | | |
||
| |
| H | F | V | O | R | G | T | D | F | U | |
||
|______|______|______|______|______|______|______|______|______|______| |
|______|______|______|______|______|______|______|______|______|______| |
||
| | | | | | | | | | | |
| | | | | | | | | | | |
||
| |
| A | G | E | L | P | H | M | D | A | C | |
||
|______|______|______|______|______|______|______|______|______|______| |
|______|______|______|______|______|______|______|______|______|______| |
||
| | | | | | | | | | | |
| | | | | | | | | | | |
||
| |
| T | P | F | O | M | W | Z | K | S | K | |
||
|______|______|______|______|______|______|______|______|______|______| |
|______|______|______|______|______|______|______|______|______|______| |
||
</pre> |
|||
'''Conclusion:''' This is really a bad mnemonic system for bank PINs. The odds sank from 1 in 3000 to 1 in 8 (if three attempts are allowed), because there are only about 20-30 words in the whole scheme. |
|||
Some banks allow customers to use their own pins and it is believed that about a third uses a birthday. |
|||
---- |
|||
___0______1______2______3______4______5______6______7______8______9__ |
|||
[[Passwords - Design Errors And Operational Issues|Back (Design Errors)]] | [[Passwords - Table of Contents|Table of Contents]] | [[Passwords - System Issues|Next (System Issues)]] |
|||
| | | | | | | | | | | |
|||
| | | | | | | | | | | |
|||
|______|______|______|______|______|______|______|______|______|______| |
|||
| | | | | | | | | | | |
|||
| | | | | | | | | | | |
|||
|______|______|______|______|______|______|______|______|______|______| |
|||
| | | | | | | | | | | |
|||
| | | | | | | | | | | |
|||
|______|______|______|______|______|______|______|______|______|______| |
|||
| | | | | | | | | | | |
|||
| | | | | | | | | | | |
|||
|______|______|______|______|______|______|______|______|______|______| |
|||
___0______1______2______3______4______5______6______7______8______9__ |
|||
| | | | | | | | | | | |
|||
| | | | | | | | | | | |
|||
|______|______|______|______|______|______|______|______|______|______| |
|||
| | | | | | | | | | | |
|||
| | | | | | | | | | | |
|||
|______|______|______|______|______|______|______|______|______|______| |
|||
| | | | | | | | | | | |
|||
| | | | | | | | | | | |
|||
|______|______|______|______|______|______|______|______|______|______| |
|||
| | | | | | | | | | | |
|||
| | | | | | | | | | | |
|||
|______|______|______|______|______|______|______|______|______|______| |
Latest revision as of 20:50, 8 November 2004
Guess we have a pin number: 3401, this number is coded in the following scheme with a word, let's say c-r-a-p supposed to be an easy reminder.
___0______1______2______3______4______5______6______7______8______9__ | | | | | | | | | | | | | | | C | | | | | | | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | | | | | R | | | | | | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | A | | | | | | | | | | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | | P | | | | | | | | | |______|______|______|______|______|______|______|______|______|______|
In the next step all the blank fields are filled up with random characters.
___0______1______2______3______4______5______6______7______8______9__ | | | | | | | | | | | | F | I | W | C | K | N | O | E | S | Y | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | H | F | V | O | R | G | T | D | F | U | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | A | G | E | L | P | H | M | D | A | C | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | T | P | F | O | M | W | Z | K | S | K | |______|______|______|______|______|______|______|______|______|______|
Conclusion: This is really a bad mnemonic system for bank PINs. The odds sank from 1 in 3000 to 1 in 8 (if three attempts are allowed), because there are only about 20-30 words in the whole scheme.
Some banks allow customers to use their own pins and it is believed that about a third uses a birthday.
Back (Design Errors) | Table of Contents | Next (System Issues)