On Monday 10 July 2017 23:42:12 Guan Xin wrote: > This is probably a general question -- > > I have never seen a German bank that allows changing the PIN of a > card. So I wonder if it is because using a fixed (non-changeable) > 4-digit PIN mailed in clear text really safer than using a 4 to 6 > digit variable length PIN that never explicitly appears anywhere.
... and that would very often be either 1234[56] or the card owner's date of birth as we all know. A random 4-digit PIN randomly chosen by the bank is certainly safer than this. > If German banks are right, then should I follow their method and store > the PINs of my OpenPGP cards on a piece of paper? German banks require you to destroy the PIN letter after memorizing the PIN. You are not supposed to keep the letter. If you want to follow their method then write your PIN on a piece of paper, memorize the PIN and then burn or eat the piece of paper. ;-) Regards, Ingo _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
