by Gary Beach

How Do We Manage Our Expanding Collections of Passwords and PINs?

News
Apr 15, 20013 mins
Privacy

Access codes and personal identification numbers–or PINs–are becoming a major pain. Try to get through a day without using one. Sadly, it is nearly impossible. You need one PIN to get cash from the ATM, another to make long-distance telephone calls when you are away from the office and yet another to log on to your company’s computer network.

With scores of numbers and codes to remember, many of my friends have resorted to using one code or PIN, such as a birth date, anniversary or pet’s name. This, however, is throwing digital caution to the wind. If you use one code for everything, security pros warn, you jeopardize them all. If someone steals your PIN to your favorite online service they could potentially also get into your bank account. There is no end to the damage he or she could do.

To protect ourselves, experts advise using multiple codes of totally random numbers, letters or punctuation marks–and they advise us to change these codes several times a year.

Life is already too complicated for all these numbers. I have codes recorded in my digital organizer, my daybook and the really important ones buried deep inside my wallet.

Maybe my friends who use one code are on to something, though. What if you could have one highly secure code or PIN that would be your digital persona for all your code-required tasks? Would that interest you?

Well, it doesn’t interest technology researchers, who are strongly against such an idea. They say such an approach offers too much opportunity to build databases that would link enormous amounts of personal information with the PIN as the digital conduit.

But others are moving ahead. One group in California is calling for the issuance of digital smart cards to initially be used for commercial transactions and e-government activities like voting. And one of the world’s largest credit card companies has tackled the problem from the polar opposite end of “one PIN per person” by assigning “use once and then throw away” codes for purchases made over the Internet. This seemingly wasteful approach underscores an important point: There are hundreds of billions of unique numbers available.

In the coming decade, more daily activities will become digitized, resulting in more access codes and PINS to remember.

If people like you and I want one PIN or code for our digital identity, technologists will have to figure out a way to make it happen–and to keep those codes safe.