Here's a *BRILLIANT* password idea!

[Giuseppe Fiusco]

>From article <43034 at ccicpg.UUCP>, by nick at ccicpg.UUCP (Nick Crossley):
> In article <10900 at ulysses.homer.nj.att.com> ekrell at hector.UUCP (Eduardo Krell) writes:
>>Well surprise:  This exact password system is ***IN USE***!!!  In (are you
>>ready:) ***BANKS***!!!  I am not kidding.  Do you have an Automatic Teller
>>Machine card?  What does your password look like?  Every time I've been given
>>one of those things the password was just 4 digits!!!!!!!
> 
> But, in the UK at least, if you abort the 'login' attempt after the 2nd
> attempt (there is a button to do this), you get your card back, and can
> then try again immediately.  Thus you have an unlimited number of attempts.
> I have not tried this on a machine in the US.

I do not know about England but given the various machines that I have used
only tend to give the users 3 goes whether they cancel or not. This gives
the user the chance to cancel and check in some way thier ID but does not
allow someone to continually attempt to use the card by trying to guess the
number. This can be dependant on whether the ATM is on or off line to the
bank.

> I have often wondered about the four-digit limit anyway - surely even some
> branches must have close to 9999 accounts, let alone whole banks.  That does
> make the code number very unique.

Passwords never need be too unique as they are tied to the id of the requester
and the methodolgy used to gain access to the protected enviroment.
For ATM's the four digit number is reasonable

Now this really has nothing to do with UNIX :-)

Giuseppe Fiusco
Department of Computer Science ,
University of Melbourne, Parkville, Victoria 3052, Australia

VOICE:  (03) 344 7415 (International: +61 3 344 7415)
ACSnet: glf at munmurra.mu.oz
UUCP:	{uunet,mcvax,ukc,ubc-vision}!munnari!munmurra.mu.oz!glf
ARPA:	munnari!munmurra.mu.oz!glf at uunet.css.gov
CSNET:	glf%munmurra.mu.oz at csnet-relay