Path: utzoo!utgpu!watmath!clyde!att!rutgers!cmcl2!nrl-cmf!ukma!cwjcc!hal!nic.MR.NET!uwmcsd1!marque!uunet!munnari!murtoa.cs.mu.oz.au!glf@munnari From: glf@munnari (Giuseppe Fiusco) Newsgroups: comp.unix.wizards Subject: Re: Here's a *BRILLIANT* password idea! Message-ID: <1096@murtoa.cs.mu.oz.au> Date: 2 Dec 88 07:14:06 GMT References: <43034@ccicpg.UUCP> Sender: news@cs.mu.oz.au Reply-To: glf@munnari Lines: 38 From article <43034@ccicpg.UUCP>, by nick@ccicpg.UUCP (Nick Crossley): > In article <10900@ulysses.homer.nj.att.com> ekrell@hector.UUCP (Eduardo Krell) writes: >>Well surprise: This exact password system is ***IN USE***!!! In (are you >>ready:) ***BANKS***!!! I am not kidding. Do you have an Automatic Teller >>Machine card? What does your password look like? Every time I've been given >>one of those things the password was just 4 digits!!!!!!! > > But, in the UK at least, if you abort the 'login' attempt after the 2nd > attempt (there is a button to do this), you get your card back, and can > then try again immediately. Thus you have an unlimited number of attempts. > I have not tried this on a machine in the US. I do not know about England but given the various machines that I have used only tend to give the users 3 goes whether they cancel or not. This gives the user the chance to cancel and check in some way thier ID but does not allow someone to continually attempt to use the card by trying to guess the number. This can be dependant on whether the ATM is on or off line to the bank. > I have often wondered about the four-digit limit anyway - surely even some > branches must have close to 9999 accounts, let alone whole banks. That does > make the code number very unique. Passwords never need be too unique as they are tied to the id of the requester and the methodolgy used to gain access to the protected enviroment. For ATM's the four digit number is reasonable Now this really has nothing to do with UNIX :-) Giuseppe Fiusco Department of Computer Science , University of Melbourne, Parkville, Victoria 3052, Australia VOICE: (03) 344 7415 (International: +61 3 344 7415) ACSnet: glf@munmurra.mu.oz UUCP: {uunet,mcvax,ukc,ubc-vision}!munnari!munmurra.mu.oz!glf ARPA: munnari!munmurra.mu.oz!glf@uunet.css.gov CSNET: glf%munmurra.mu.oz@csnet-relay