The Tremendous Power of PIN

Can a PIN do what the password cannot do?

‘PIN’ belongs to the secret credential as a numbers-only weak password. Where the PIN is warmly welcomed for providing some security to a passwordless login, we would be watching a ‘password-dependent password-less’ solution. What a feat!

I hear that there are people who do not view the PIN as a member of the password family and allege that the PIN linked to a hardware is more secure than the password not linked to a hardware. It looks another feat! But what would we see if someone starts linking a password to the same kind of hardware?

Where a biometrics is also linked to a hardware together with a PIN in a multi-entrance deployment, the overall security is made even lower than a PIN-only login. It’s no good for the glorious PIN.

All those funny phenomena might have come from a simple mistake of mixing up the discussion of ‘authenticators’ with that of ‘deployment of authenticators’.

‘Authenticators’ and ‘Deployment of Authenticators’

Incidentally, where the ‘passwordless’ means ‘removal of the whole password family including PIN’ from digital identity altogether, the ‘passwordless’ login scheme would be tantamount to an ATM that automatically dispenses your money against your bank card without asking for your PIN. Can it be a great feat by any chance?

Key References

“Removal of Passwords and Its SecurityEffect”

“Aiming to Destroy Democracy?”

Digital Identity for Global Citizens

Image-to-Code Conversion by Expanded Password System

Summary and Brief History — Expanded Password System

Proposition on How to Build Sustainable Digital Identity Platform

Additional References

Account Recovery with Expanded Password System

External Body Features Viewed as ‘What We Are’

History, Current Status and Future Scenarios of Expanded Password System

Negative Security Effect of Biometrics Deployed in Cyberspace

Availability-First Approach

Update: Questions and Answers — Expanded Password System and Related Issues (30/June/2020)

< Videos on YouTube>

Slide: Outline of Expanded Password System (3minutes 2seconds)

Digital Identity for Global Citizens (10minutes — narrated)

Demo: Simplified Operation on Smartphone for consumers (1m41s)

Demo: High-Security Operation on PC for managers (4m28s)

Demo: Simple capture and registration of pictures by users (1m26s)

Slide: Biometrics in Cyber Space — “below-one” factor authentication

< Media Articles Published in 2020 >

Digital Identity — Anything Used Correctly Is Useful

‘Easy-to-Remember’ is one thing ‘Hard-to-Forget’ is another

Identity Assurance And Teleworking In Pandemic





Advocate of ‘Identity Assurance by Our Own Volition and Memory’, Inventor of Expanded Password System and Founder of Mnemonic Identity Solutions Limited in UK.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Write-up: AWS Document Signing Security Control Bypass

How to become a Trips Liquidity Provider on xDai


CTF Walkthrough | TryHackMe | Defense Space

Case study — Adding a new retargeting channel to drive leads in B2B

{UPDATE} Pentix Tournament Hack Free Resources Generator

Is a well documented video that illustrate/enlighten @SecretNetwork the community perfectly…

Linux/Windows Password Manager “pass”

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Hitoshi Kokumai

Hitoshi Kokumai

Advocate of ‘Identity Assurance by Our Own Volition and Memory’, Inventor of Expanded Password System and Founder of Mnemonic Identity Solutions Limited in UK.

More from Medium

Weekly essay — Open Source Round 1: Read other people’s code — part 2

IoT hydroponic tower setup — part 1 — motivation

How to debug instructions mixed with data using GDB-GEF

IoT Device Management Demand Gains Momentum