Passwords - A Bad Mnemonic System: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 18: | Line 18: | ||
---- |
---- |
||
In the next step all blank fields are filled up with random characters. |
In the next step all the blank fields are filled up with random characters. |
||
<pre> |
<pre> |
||
| Line 39: | Line 39: | ||
Some banks allow customers to use their own pins and it is believed that about a third uses a birthday. |
Some banks allow customers to use their own pins and it is believed that about a third uses a birthday. |
||
---- |
|||
[[Passwords - Design Errors And Operational Issues|Back (Design Errors)]] | [[Passwords - Table of Contents|Table of Contents]] | [[Passwords - System Issues|Next (System Issues)]] |
|||
Latest revision as of 20:50, 8 November 2004
Guess we have a pin number: 3401, this number is coded in the following scheme with a word, let's say c-r-a-p supposed to be an easy reminder.
___0______1______2______3______4______5______6______7______8______9__ | | | | | | | | | | | | | | | C | | | | | | | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | | | | | R | | | | | | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | A | | | | | | | | | | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | | P | | | | | | | | | |______|______|______|______|______|______|______|______|______|______|
In the next step all the blank fields are filled up with random characters.
___0______1______2______3______4______5______6______7______8______9__ | | | | | | | | | | | | F | I | W | C | K | N | O | E | S | Y | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | H | F | V | O | R | G | T | D | F | U | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | A | G | E | L | P | H | M | D | A | C | |______|______|______|______|______|______|______|______|______|______| | | | | | | | | | | | | T | P | F | O | M | W | Z | K | S | K | |______|______|______|______|______|______|______|______|______|______|
Conclusion: This is really a bad mnemonic system for bank PINs. The odds sank from 1 in 3000 to 1 in 8 (if three attempts are allowed), because there are only about 20-30 words in the whole scheme.
Some banks allow customers to use their own pins and it is believed that about a third uses a birthday.
Back (Design Errors) | Table of Contents | Next (System Issues)