Here's a *BRILLIANT* password idea! (Sarcasm on)

Len Reed lbr at holos0.UUCP
Thu Dec 1 01:04:31 AEST 1988


>From article <438 at amanue.UUCP>, by jr at amanue.UUCP (Jim Rosenberg):
= Well now, net folk, since we're talking about good and bad ideas for passwords,
= how does this idea strike you.  (1)  Restrict all passwords to a *MAXIMUM* of
= 4 characters.  (2) *PROHIBIT* anything but digits from appearing in a password.
= 
= Isn't this nifty?  You're probably thinking I'm a nut case.
= 
= Well surprise:  This exact password system is ***IN USE***!!!  In (are you
= ready:) ***BANKS***!!!  I am not kidding.  Do you have an Automatic Teller
= Machine card?  What does your password look like?  Every time I've been given
= one of those things the password was just 4 digits!!!!!!!

You have to have physical possession of the card, too, not just knowledge
of the account number.  The "password" merely stops someone from using
the card between the time it is stolen and the theft is reported to
and dealt with by the bank.  It's a backup to the main security stategy--
possession of the card.  Not exactly the same thing as a computer system
with dial-in capability.

The banks around here have a "three strikes and you're out" rule.  If you
put the card in and fail three times to get the password right the
machine keeps the card.

BTW, I do think you're a nut case.
-- 
    -    Len Reed



More information about the Comp.unix.wizards mailing list