Security

Bootstrapping Mobile PINs Using Passwords

Free registration required

Executive Summary

The authors describe a method of deriving PINs from passwords. The method is useful to obtain friction-free user on-boarding to mobile platforms. It has significant business benefits to organizations that wish to introduce mobile apps to existing users - but which are reluctant to make the users authenticate with passwords. From the user's perspective, a PIN is easier to enter than a password, and a derived PIN does not need to be remembered - assuming the user can recall her password. The use of tiered authentication - relying on both PINs and passwords - hardens systems against compromise.

  • Format: PDF
  • Size: 735.5 KB