Here's a *BRILLIANT* password idea! (Sarcasm on)

Barry Margolin barmar at think.COM
Wed Nov 30 09:02:09 AEST 1988


In article <10900 at ulysses.homer.nj.att.com> ekrell at hector.UUCP (Eduardo Krell) writes:
>In article <438 at amanue.UUCP> jr at amanue.UUCP (Jim Rosenberg) writes:
[ATM passwords are 4 digits]
>I don't know about your bank, but mine will take away your card if you
>enter the wrong PIN something like 3 or 5 times in a row (the ATM will
>eat the card).

Even without this, there are other safeguards.  First and foremost,
the perpetrator needs your card.  Of course, if he has your card he
doesn't really need to guess your password, since it is encoded on the
card, so if he knows what he is doing he can simply change it.  If he
doesn't have your card, but has instead manufactured a forged card, he
doesn't need your password since he can put whatever password he wants
on it.

I may be wrong about the password being on the card.  In that case,
there is still another piece of security: the only interface an
outsider has is the ATM.  In the case of Unix, if someone can read the
encrypted passwords he can run a program to try lots of passwords very
quickly.  With an ATM you can't download the encrypted passwords, so
you would have to stand there typing in passwords.  If you could enter
a password every second it could take three hours to find a password.
If the ATM spits out the card after a couple of bad passwords (as I
think mine does) this could slow you down by an order of magnitude.

When there isn't a means for trying passwords at high speed, as there
is in Unix (without shadow password files), it isn't as important to
make the password namespace really large.


Barry Margolin
Thinking Machines Corp.

barmar at think.com
{uunet,harvard}!think!barmar
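A small model of the argument in this post (an added example, not part of Barry's message): it shows that the guessing rate and the lockout policy, rather than keyspace size alone, bound a brute-force search. The 1 guess/second online rate, the 3-wrong-guess lockout, the 30-second re-insert penalty and the offline cracking rate are assumptions chosen to mirror the scenarios discussed in the thread.

```python
import math
from typing import Optional


def keyspace(symbols: int, length: int) -> int:
    """Number of possible secrets: 10**4 for a 4-digit PIN."""
    return symbols ** length


def worst_case_seconds(space: int, guesses_per_second: float,
                       attempts_per_lockout: Optional[int] = None,
                       lockout_penalty_seconds: float = 0.0) -> float:
    """Seconds needed to try every secret in `space` at a fixed guessing rate.

    If the verifier locks the guesser out after `attempts_per_lockout` wrong
    guesses (the ATM spitting the card out), each lockout adds an assumed
    `lockout_penalty_seconds` (e.g. re-inserting the card) before guessing resumes.
    """
    guessing = space / guesses_per_second
    if attempts_per_lockout is None:
        return guessing
    # The final batch of guesses needs no re-insert afterwards.
    lockouts = math.ceil(space / attempts_per_lockout) - 1
    return guessing + lockouts * lockout_penalty_seconds


def per_card_success_probability(space: int, attempts_before_card_eaten: int) -> float:
    """Chance that one card yields the PIN when the ATM keeps the card after
    `attempts_before_card_eaten` wrong guesses: k distinct guesses out of n."""
    return min(attempts_before_card_eaten, space) / space


def slowdown_factor(space: int, guesses_per_second: float,
                    attempts_per_lockout: int, lockout_penalty_seconds: float) -> float:
    """How much longer exhausting the space takes with the lockout than without it."""
    with_lockout = worst_case_seconds(space, guesses_per_second,
                                      attempts_per_lockout, lockout_penalty_seconds)
    return with_lockout / worst_case_seconds(space, guesses_per_second)


if __name__ == "__main__":
    pins = keyspace(10, 4)                                   # 4-digit PIN: 10,000 values
    print("ATM, 1 guess/s, no lockout: %.2f hours" % (worst_case_seconds(pins, 1.0) / 3600))
    print("ATM, card ejected after 3 misses, 30 s to re-insert: %.1fx slower"
          % slowdown_factor(pins, 1.0, 3, 30.0))
    print("ATM keeps card after 3 misses: %.4f%% success per card"
          % (100 * per_card_success_probability(pins, 3)))
    # Assumed offline rate against a readable password file (no shadow passwords).
    print("Offline at 100,000 guesses/s: %.1f s" % worst_case_seconds(pins, 100000.0))
```

The same keyspace that costs about 2.8 hours online (and ten times that with the assumed lockout) falls in a fraction of a second offline, which is the post's point about why the namespace size matters less when guessing is throttled.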
