On Tue, Aug 23, 2011 at 9:56 AM, Werner Koch <w...@gnupg.org> wrote:
> On Tue, 23 Aug 2011 15:12, da...@systemoverlord.com said:
>> Would it be reasonable to say that you may use a significantly smaller
>> PIN for your smartcard than would be required of a passphrase, since
>> the smartcard locks itself after 3 tries?
>
> Yes.  It is up to 6 tries because an attacker may also try to open the
> card using the admin PIN.

So even a 4-digit PIN would ensure a less than 1% chance of guessing
the PIN.  (Assuming that the user does not select obvious pins like
birthdates, anniversaries, etc.)  At 8 digits, the probability becomes
something like 6*10^-8, if I do the basic math correctly.  Seems
pretty secure.

>> Since I don't use a reader with a pinpad, I must type my PIN in, and
>> thus have about 8 alpha-numeric characters for my regular PIN.  (The
>
> Better use only digits - if you need to use a keypad you can't do that
> instantly.
>
>
> Shalom-Salam,
>
>   Werner

Thanks Werner!

David


-- 
David Tomaschik, RHCE, LPIC-1
System Administrator/Open Source Advocate
OpenPGP: 0x5DEA789B
http://systemoverlord.com
da...@systemoverlord.com

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to