|
American Express reduces potential credit card PINs from 10,000 to 366
Incident Date: August 2003 Incident Location: USA During the activation of an American Express credit card a customer discovered that the system would only accept four digit PINs that corresponded to dates. The automated system said that other customers liked the idea of using their mother’s birthday as the PIN. The customer found that only dates in the format of MMDD were allowed. This restriction effectively reduced the total possible number of PINs from 10,000 to 366. The customer was able to choose a PIN not meeting this standard by speaking with a customer service agent at American Express, but was cautioned against straying from this easily remembered format. Story Sources Title: American Express Security Author: Nicholas Singer Date: 8/15/2003 Publication: Crypto-Gram Publication Location: USA Publication URL: http://www.schneier.com/crypto-gram-0308.html Do you have additional information to contribute regarding this story? If so, please email siteupdates@passwordresearch.com with the details and source.
<-- Back to Authentication Story Index |