On Tue, Aug 23, 2011 at 9:56 AM, Werner Koch <w...@gnupg.org> wrote:
> On Tue, 23 Aug 2011 15:12, da...@systemoverlord.com said:
>> Would it be reasonable to say that you may use a significantly smaller
>> PIN for your smartcard than would be required of a passphrase, since
>> the smartcard locks itself after 3 tries?
>
> Yes. It is up to 6 tries because an attacker may also try to open the
> card using the admin PIN.

So even a 4-digit PIN would ensure a less than 1% chance of guessing the PIN. (Assuming that the user does not select obvious pins like birthdates, anniversaries, etc.) At 8 digits, the probability becomes something like 6*10^-8, if I do the basic math correctly. Seems pretty secure.

>> Since I don't use a reader with a pinpad, I must type my PIN in, and
>> thus have about 8 alpha-numeric characters for my regular PIN. (The
>
> Better use only digits - if you need to use a keypad you can't do that
> instantly.
>
>
> Shalom-Salam,
>
> Werner

Thanks Werner!

David

--
David Tomaschik, RHCE, LPIC-1
System Administrator/Open Source Advocate
OpenPGP: 0x5DEA789B
http://systemoverlord.com
da...@systemoverlord.com