Shostack + Friends Blog Archive


Dear $LOCALBANK That I Use

Keeping a database of all of your customers' ATM PINs in clear text (or encrypted, but easily reversible) is not a good idea. I honestly can't see any use for this, especially when they won't tell you what your PIN is even if you present multiple forms of government-issued identification.
No thanks; No love

3 comments on "Dear $LOCALBANK That I Use"

  • C says:

    Banks without good security? Pfft, next you'll say that Macs aren't secure!
    /sarcasm off

  • Dan Weber says:

    On one hand, I was really surprised when Bank Of America/Fleet/BankBoston/BayBank went through some merger and sent me a letter with my PIN in it.
    On the other hand, would one-way encryption really help any? If you get a hold of the encrypted passwords and know the algorithm, even if it’s a custom algorithm and a custom salt for each and every account, it’s trivial to run through the 10^6 combinations.
    (As another aside: I first set up my account with an 8-digit PIN. Classmates pointed out that you only needed the first 4 digits, and sure enough you did. But after one of the mergers, it changed to needing the first six characters, so I had to re-learn the mnemonic I used to set it up, since I hadn't used characters 5 & 6 in years.)

  • Dan Weber says:

    Now I remember that Silvio Micali taught me about probabilistic encryption while I was in grad school, so I'm suitably humbled.
    Although I’m not sure, off hand, that you can combine a one-way hash with probabilistic encryption in a non-ugly way. Might just be a failure of my imagination, though.
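The point Dan Weber makes above, that a one-way hash does not protect a PIN database because the keyspace is only 10^6, is easy to check. The script below is an added example and is not code from the blog post or from either commenter: the bank, the account ids, the PINs and the storage format (SHA-256 over salt || PIN) are all constructed assumptions. It builds a small PIN "database" two ways, unsalted and with a per-account random salt, and recovers every PIN by exhaustive search in both cases. Salting only changes whether the attacker enumerates the keyspace once for all accounts or once per account.

```python
"""Brute-forcing a hashed PIN database (added example, not the post's code).

Everything here is constructed sample data and an assumed storage design:
the accounts, the PINs and the hash construction SHA-256(salt || PIN).
The intent is to show that the size of the PIN keyspace, not the strength
of the hash, bounds the attacker's cost.
"""
import hashlib
import os

# Constructed sample accounts -> PINs (one 4-digit, one 6-digit, as in the
# comment thread). Not real data.
SAMPLE_PINS = {
    "acct-0001": "1234",
    "acct-0002": "483921",
}


def hash_pin(pin: str, salt: bytes) -> bytes:
    """Assumed one-way storage format: SHA-256(salt || PIN)."""
    return hashlib.sha256(salt + pin.encode("ascii")).digest()


def build_database(pins: dict, salted: bool = True) -> dict:
    """Store each PIN as (salt, digest, pin_length).

    With salted=False every account gets the empty salt, which is what an
    unsalted database looks like to an attacker who has the dump.
    """
    db = {}
    for acct, pin in pins.items():
        salt = os.urandom(16) if salted else b""
        db[acct] = (salt, hash_pin(pin, salt), len(pin))
    return db


def crack_record(salt: bytes, digest: bytes, pin_len: int):
    """Enumerate all 10**pin_len candidates for one account."""
    for n in range(10 ** pin_len):
        guess = f"{n:0{pin_len}d}"
        if hash_pin(guess, salt) == digest:
            return guess
    return None


def crack_salted(db: dict) -> dict:
    """A per-account salt forces one full enumeration per account, but that
    is at most 10**6 hashes for a 6-digit PIN: seconds of CPU time."""
    return {
        acct: crack_record(salt, digest, pin_len)
        for acct, (salt, digest, pin_len) in db.items()
    }


def crack_unsalted(db: dict, pin_lens=(4, 6)) -> dict:
    """Without a salt, one precomputed table of every candidate cracks all
    accounts by dictionary lookup; the table is built once and reused."""
    table = {}
    for pin_len in pin_lens:
        for n in range(10 ** pin_len):
            guess = f"{n:0{pin_len}d}"
            table[hash_pin(guess, b"")] = guess
    return {acct: table.get(digest) for acct, (_salt, digest, _n) in db.items()}


if __name__ == "__main__":
    import time

    for name, crack, salted in (
        ("unsalted", crack_unsalted, False),
        ("salted", crack_salted, True),
    ):
        db = build_database(SAMPLE_PINS, salted=salted)
        start = time.perf_counter()
        recovered = crack(db)
        print(f"{name}: recovered {recovered} in {time.perf_counter() - start:.2f}s")
```

Running it recovers both constructed PINs in either mode in a few seconds on a laptop. Swapping SHA-256 for a deliberately slow hash only multiplies that per-account cost by the hash's work factor; it cannot grow the 10^6 keyspace. That is why a small secret like a PIN has to be protected by limiting how many guesses can be made (an online try counter enforced by something the attacker cannot copy), not by the choice of hash over the stored database.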
