Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I've known banks that don't let you change the PIN on their cards - for "security" reasons. And banks with 5-digit maximum password lengths - "oh, it's strong enough, you need to use a token to get money out anyway" ... but not to login.


Many banks in Saudi Arabia have changed their standard for PIN length from 6 digits to 4 digits. I cannot comprehend why would anyone make such decision.


Many international withdrawals only do 4 digits which means 6 digits in your home country becomes meaningless...


they should fix the underlying problem but in the meantime, they probably could just automatically truncate to 4 chars when 6 can't be used?


No, because certain combinations, e.g. 1111 are prohibited in four digit codes but wouldn't be at the start of six digit codes.


The IT community should launch a campaign against the stupidity of banks' security procedures, which discredit our jobs...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: