Whats your PIN number?

Page may contain affiliate links. Please see terms for details.

bonj2

Guest
Canrider said:
Sorry, I didn't mean increment the PIN, but just generate a new random number, so if you know that account# 100 has a (pseudorandom) PIN, then account #101 has a pseudorandom PIN governed by this, that, and the other properties of the (known) pseudorandom number generator. This would (taking the 'obvious' example of a bad generator like RANDU) drastically narrow down the range of PIN guesses needed to get into account #101, particularly so if #100's PIN is known.
OK, right - so presuming a bad (list-based/non-cryptographic) generator and assuming account #100 has a pseudo-random number off this list as its original PIN and account #101 has the next number off the list, then you could determine the PIN for account #101 if you knew the list.
 

classic33

Leg End Member
First digit is one more than the second digit times the third.
Third digit is the odd prime number.
Fourth is the newest number.

Simple, logical & totally confused the bank staff when asked how it was remembered.
 
stevenb said:
Mine is **** for my current account.
My credit card (which I never use anyway) is ****

Using my own forensic digital imprint analysis software I can tell you wrote out the numbers and then covered them with ****.... :biggrin:
 

asterix

Comrade Member
Location
Limoges or York
bonj said:
..Randomness is a subject that I know a great deal about and one that you probably shouldn't really question me on.

Surely (you don't mind if I call you 'Surely'?) if it is a subject you know a great deal about then you are precisely the person whom we should question on randomness?
 

bonj2

Guest
Well done.

So, a thief who has just swiped my wallet has three chances at getting the right 4-digit number. He doesn't know the date of birth of my neighbour's dog, so I'm safe.
He would if he'd been spying on you for years, and watched the dog's parents giving birth to it with his binoculars from up a tree years ago.
So the risk to my number being worked out doesn't warrant a degree in randomness does it?
I'm not attempting to illustrate that you're likely to have your money stolen by someone guessing your pin number, just slightly more likely than if you don't. As in, if you choose your own PIN number, the chances of someone guessing it might be, say, 0.0001001%. But if you don't, the chances are even less, as the algorithm the bank use to randomly generate it wil be protected, so unless the thief was the person who designed the algorithm and can deduce what random number it will produce for any given card, then he can't guess it - the chance may even be zero as the development process of the algorithm may take steps to make sure no individual member of staff can possibly glean such knowledge. In fact it probably does.

What's the thief more likely to know? How the bank computer generates numbers, or the number of bricks in our porch? And does it really matter?
The number of bricks in your porch can obviously be counted. But a thief doesn't know that's what your PIN number is based on. You can be fairly certain he won't guess it, but only because it's improbable, not because it's impossible.
 
Top Bottom