Beware the Temptation of Mobile App PINs

We’d like to think banks and other financial institutions are on the ball when it comes to account security, but there are some glaring cases where they aren’t.

For example, some banks restrict not just the types of characters you can use in a password but sometimes its maximum and/or minimum length as well. Those restrictions give potential hackers more information than they should have, which they can use to whittle down the password combinations they need to try.

Anyway, some apps are now offering the ability to use a PIN to log into your financial account (often required to be exactly four digits). Four digits does provide ten thousand PIN combinations (from 0000 to 9999), but depending upon the password policies of each financial institution, it could be possible for somebody malicious to try a couple of PINs every so often to see if they can get in, without making enough attempts to lock your account. Sure, it could take some time, but perhaps not if the PIN is one of the more commonly used combinations like 0000, 1111, 2222, 1234, etc.
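From the institution's side, two checks address the scenario above: refusing weak PINs at enrollment, and counting failures over a long window so that a couple of wrong PINs every so often still gets noticed. The sketch below is an added example, not code from any bank or app; the event format, account names and thresholds are assumptions made for illustration.

```python
from collections import defaultdict

def is_weak_pin(pin: str) -> bool:
    """Enrollment check: reject repeated digits (0000) and straight runs (1234, 4321)."""
    if len(set(pin)) == 1:
        return True
    digits = [int(c) for c in pin]
    steps = {(b - a) % 10 for a, b in zip(digits, digits[1:])}
    return steps in ({1}, {9})  # every step is +1, or every step is -1 (mod 10)

def same_day_lockouts(events, limit=3):
    """Assumed typical policy: lock an account after `limit` failures in one day."""
    per_day = defaultdict(int)
    locked = set()
    for day, account, ok in events:
        if not ok:
            per_day[(account, day)] += 1
            if per_day[(account, day)] >= limit:
                locked.add(account)
    return locked

def slow_guess_alerts(events, window_days=30, limit=10):
    """Flag accounts whose failures add up over a long window,
    even though no single day reaches the lockout threshold."""
    recent = defaultdict(list)
    flagged = set()
    for day, account, ok in events:  # events must be in day order
        if ok:
            continue
        kept = [d for d in recent[account] if day - d < window_days]
        kept.append(day)
        recent[account] = kept
        if len(kept) >= limit:
            flagged.add(account)
    return flagged

# Constructed sample data: (day number, account, login succeeded?)
EVENTS = sorted(
    [(d, "acct-A", False) for d in range(6) for _ in range(2)]  # 2 wrong PINs a day
    + [(2, "acct-B", False), (2, "acct-B", True)]               # one typo, then success
    + [(4, "acct-C", False)] * 3                                # 3 wrong PINs in one day
)

if __name__ == "__main__":
    print("locked by same-day policy:", same_day_lockouts(EVENTS))
    print("flagged by long-window count:", slow_guess_alerts(EVENTS))
    print("weak PINs:", [p for p in ("0000", "1234", "4321", "2580") if is_weak_pin(p)])
```

With the constructed data, the same-day policy only ever locks the account that failed three times in one day, while the long-window count is the check that catches the account receiving two wrong PINs daily.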

Ultimately, PINs can be convenient on touchscreen devices where you want to get in and do something quickly, but that convenience can come at the expense of some security.

