by eloeffler
1867 days ago
As others pointed out, it doesn't make much sense to hash PINs due to the small space that they cover. Using salts or additional information for hashing would only need further plaintext information to be stored and wouldn't solve the problem. However, as soon as the magnetic strip is completely replaced, wouldn't it make sense to store a more complex secret on the chip of the card that will then be transmitted upon entering the correct PIN? That would be proper 2FA, I would say. Of course the chip would have to lock down after multiple attempts (brute force) and it should be non-trivial to access the memory of the chip from the outside, which is already the case I assume? (looking at experts)
A more complex secret is stored on the chip. The PIN is used along with some input, the chip uses the PIN to unlock the internal secret, it signs (or hashes, whatever) the input with the secret and returns the result. Decent chip & PIN devices are even tamper-proof to prevent the PIN from being intercepted in the input phase.
Note that the PIN is not limited to 4 digits. It's only 4 digits when dealing with legacy hardware (and magnetic strips). The PIN on my CC is 6 digits.
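The flow described in the reply above, as an added toy model that is not code from either commenter: the secret never leaves the chip, the PIN only unlocks it, the chip returns a cryptogram over the terminal's challenge, and a try counter locks the card after a few wrong PINs. HMAC-SHA256 stands in for whatever MAC or signature a real card computes, and the PIN, secret and challenge are constructed sample values.

```python
import hashlib
import hmac
from typing import Optional


class ChipCard:
    """Toy chip-and-PIN card (constructed model, not a real EMV implementation)."""

    MAX_TRIES = 3  # try counter: card locks after this many consecutive wrong PINs

    def __init__(self, pin: str, secret: bytes) -> None:
        self._pin = pin            # held inside the chip, never transmitted
        self._secret = secret      # card key, usable only after PIN verification
        self._tries_left = self.MAX_TRIES
        self._unlocked = False

    @property
    def locked(self) -> bool:
        return self._tries_left == 0

    @property
    def tries_left(self) -> int:
        return self._tries_left

    def verify_pin(self, pin: str) -> bool:
        """Check the PIN on-chip; a wrong PIN burns one try, a correct one resets the counter."""
        if self.locked:
            return False
        if hmac.compare_digest(pin.encode(), self._pin.encode()):
            self._tries_left = self.MAX_TRIES
            self._unlocked = True
            return True
        self._tries_left -= 1
        return False

    def sign(self, challenge: bytes) -> Optional[bytes]:
        """Return a cryptogram over the terminal's challenge, one per successful PIN entry."""
        if not self._unlocked:
            return None
        self._unlocked = False
        return hmac.new(self._secret, challenge, hashlib.sha256).digest()


def terminal_transaction(card: ChipCard, entered_pin: str,
                         challenge: bytes, issuer_secret: bytes) -> bool:
    """Terminal side: PIN entry, challenge to the card, issuer checks the cryptogram."""
    if not card.verify_pin(entered_pin):
        return False
    cryptogram = card.sign(challenge)
    expected = hmac.new(issuer_secret, challenge, hashlib.sha256).digest()
    return cryptogram is not None and hmac.compare_digest(cryptogram, expected)
```

Because every guess costs a try on the chip and the secret itself is never exposed, the small PIN space is no longer the weak point; what an attacker would need is the card plus the PIN, which is the 2FA property the first comment asks about.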