If you haven't yet read the DataGenetics post on PIN frequency, you should. It's an amazing article with some extremely impressive data visualisation.
If you see your bank/ATM PIN in the frequency tables there, smack yourself for being predictable, then go have a chat with a random number generator.
I was unsurprised but relieved to see that I'm unpredictable, but not suspiciously and unusually unpredictable. Just where you want to be.
BTW, if you're a software developer who has anything even tangentially to do with security and you don't know what "hash" and "salt" mean or the difference between hashing and encryption, consider yourself dead-fish-slapped. Go. Learn. Now, before you contribute to this dataset.
Thanks for the blog, Craig; I thoroughly enjoy all your posts. wpReplyDelete