Passwords and PINS

Discussion in 'other security issues & news' started by jimisbell, Sep 16, 2013.

Thread Status:
Not open for further replies.
  1. jimisbell

    jimisbell Registered Member

    Sep 16, 2013
    United States
    I am not sure where to start this thread, someone will probably tell me.....LOL

    I am having a problem with security with my Credit Union. Apparently no one in that business knows anything about security.

    I am 77 years old and for much of my life I held a Top Secret clearance and when it wasnt TS it was Secret or Confidential. I lived and breathed security.

    My Credit Union wants me to change my password every 6 months. To me this is a violation of security in the worst way because it requires that you memorize another password every 6 months. This will require writing it down somewhere for at least the first month, until it is memorized. Writing it down is a breach of security. It will get worse as the passwords continue to change and you find yourself remembering the wrong one.

    We always learned that a password, known only to yourself, and kept only in your head, was the best one, and unless it was compromised it was best kept forever so you would not have to write it down.

    Earlier today I had ANOTHER security run in with the CU when I went in to activate a debit card on my account for my wife's use. They asked what the PIN number was and I replied, I dont want a PIN as it will just compromise my 12 character password (36 to the 12th power) with a much weaker (10 to the 4th power) password. This PIN as they call it will allow anyone that has my card, or just the card number, to drain my account with a guess of only 10,000 at my "password"

    Why cant the banking community understand that 4 digits is not as secure as 12 characters?

    I need a Bank/Credit union that understands security not run by a bunch of, not dry behind the ears, kids that have never been there. I think that the old codgers like myself that have been there and done it are all retiring and we failed to pass on what we learned.
  2. HAN

    HAN Registered Member

    Feb 24, 2005
    If you search through many threads here at Wilders, you'll find many varying opinions on similar subjects as yours.

    My feelings are similar to yours. If you have good, strong passwords, they do not need to be changed often. The one positive thing I have read recently is that others are beginning to see things in a like manner.

    As for bank card PIN codes, I agree that they are a step backward for security. But I don't see things changing there soon...
Thread Status:
Not open for further replies.