Smartcard PIN may be shorter than passphrase?
David Tomaschik
david at systemoverlord.com
Tue Aug 23 15:12:49 CEST 2011
Would it be reasonable to say that you may use a significantly smaller
PIN for your smartcard than would be required of a passphrase, since
the smartcard locks itself after 3 tries?
Since I don't use a reader with a pinpad, I must type my PIN in, and
thus have about 8 alpha-numeric characters for my regular PIN. (The
admin PIN is somewhat longer.) Would this be considered a reasonable
length?
(Someone who can read the memory on a smart card by opening it up is
NOT in my threat model -- if they can do that, they have much easier
ways to coerce me into giving up my PIN.)
--
David Tomaschik, RHCE, LPIC-1
System Administrator/Open Source Advocate
OpenPGP: 0x5DEA789B
http://systemoverlord.com
david at systemoverlord.com
More information about the Gnupg-users
mailing list