Changing PINs of German bank card

NdK ndk.clanbo at
Tue Jul 11 10:14:26 CEST 2017

Il 11/07/2017 09:44, Binarus ha scritto:

> - If somebody tries to brute force the pin (or online banking password),
> the access will be permanently denied if there are more than 3 failures
> (the exact number may vary). That means that the length of the pin /
> password is not as important as one might think, because it is
> practically impossible to brute force a 4 digit pin with only 3 tries.
If you routinely use your card twice a day, they can make two or four
guesses each day: every correct PIN you insert resets the counter.
The probability to guess the correct code during the 5-years life of the
card is definitely non-negligible.

> And there is one more very important thing most people don't think of:
> What happens if you have an accident or if you die? Your heirs will have
> all sorts of troubles if something happens to you and they can't access
> your electronic accounts because they don't have the passwords.
Usually there are other, non-technical ways. For example they just go to
the bank with a death certificate.

> So I tend to write down at least my master password on a sheet of paper,
> put that in a sealed envelope and give it to a relative who I highly
> trust. In case I die, they open the envelope, have the master password
> for my password safe and can use that to open the access to all my
> accounts. Alternatively, you could have some relative you trust memorize
> your master password. But since he won't use it regularly (hopefully),
> he probably will forget it after short time ...
Better use shamir's secret sharing, or just use LCD-segments characters
printed on two acetate sheets that need to be combined to be read.
Obviously the two sheets are to be given to two different people, in
sealed envelopes...

BTW the method you use is the same that was used for our mainframe's
master password. :)


More information about the Gnupg-users mailing list