PIN-holecomments powered by Disqus
Posted on Saturday, February 3 2007 @ 16:38:51 Eastern
As my friend and I walked out of our dorm rooms ready to head off to the movie theatre, I peered into my wallet.
One five and five ones. Certainly not enough for a ticket, a quick bite, and a cab ride.
I frequently go to the ATM at my university's snack shop when I'm running short, and since it was on the way to Broadway (the hive of yellow and black taxicabs), it seemed perfect. From the back of the line, I shuffled my feet until I reached the stall and dipped my Citibank debit card into the slot. Then I pressed in my PIN.
And it hit me. A four-digit long password. #-#-#-#.
My checking account and savings account, the place where I store my hard-earned cash, is protected my four characters. Worse yet, each of those four characters have just ten possibilites for a total of a measly ten thousand possibilities. More than several websites, including the official Citibank website, force you to create passwords with strong alphanumeric chains.
Why haven't banks done the same, especially in an industry that demands security? Sure, if a thief wanted to steal your PIN, let alone your identity, there are sophisticated hacking techniques to do so (and also looking in your trash). But at the very least, enforcing stronger passwords would prevent possible thieves from being able to just look over your shoulder and remember where your finger was in four locations.