[127131] in cryptography@c2.net mail archive
Re: The wisdom of the ill informed
daemon@ATHENA.MIT.EDU (dan@geer.org)
Mon Jun 30 18:59:55 2008
From: dan@geer.org
To: Ed Gerck <edgerck@nma.com>
cc: Cryptography <cryptography@metzdowd.com>
In-Reply-To: Your message of "Sun, 29 Jun 2008 15:32:56 PDT."
<48680D98.8040203@nma.com>
Date: Mon, 30 Jun 2008 13:44:56 -0400
Ed Gerck writes:
-+--------------
| ...
| Not so fast. Bank PINs are usually just 4 numeric characters long and
| yet they are considered /safe/ even for web access to the account
| (where a physical card is not required).
|
| Why? Because after 4 tries the access is blocked for your IP number
| (in some cases after 3 tries).
| ...
So I hold the PIN constant and vary the bank account number.
--dan
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
