How a Hacker Remembers a PIN

If you have more than a few bank cards, door-entry keycodes, or other small numeric passwords to remember, it eventually gets to be a hassle. The worst, for me, is a bank card for a business account that I use once in a blue moon. I probably used it eight times in five years, and then they gave me a new card with a new PIN. Sigh.

How would a normal person cope with a proliferation of PINs? They’d write down the numbers on a piece of paper and keep it in their wallet. We all know how that ends, …


Best practices for usefully storing two factor authentication backup codes?

For a lot of web services offering two factor authentication, after setting up the system, you are given a short list of backup codes (one-time pads) that are around 7-10 characters long. These are meant to be used in cases where you do no…

How to cryptoanalyze a one time pad that uses a plain text document as the pad?

I have read that in order for a one time pad to be truly secure, the pad itself must be random data. Given the practical difficulty of sharing a secure random pad, I was wondering what would be the problems with using the va…