OT: Cunning new scam.

I'd use a system if I had 3 cards or more to rememeber. Soemthing like my year of birth added to the card. So if I were born in 2013, the PIN of card 1 would be 2014 PIN of card 2 2015...

then you'll need to remmebr them yourself.

yes it's 4 with Barclays .

it doesn;t work if you turn your computer off either.

Maybe it's your PC that's the problem or outdated java or teh java that's been hacked.

yuo can disable poips in most browswers.

No they haven't properly (fully) thought through real world scenarios. I can have net access via WiFi but not have access to a phone, no mobile coverage and no land line.

Many sites make some very bad assumptions about the circumstances of users. The biggest is probably that everyone has NGA speeds so 2 MBytes per image then scaled by the browser to thumbnails and 5 MBytes of javascript to say "Hello, world" with a pink polka dot background that slowly animates the text into "Do you want to play a game?" is acceptable.

There is an unwritten rule of thumb that if a page takes longer than five seconds to download and fully render the user will think the site "unresponsive", extend that to 10 seconds and they will think it's broken and click again or go somewhere else.

I always fouind it strange that my father couldn;t remmebr his 4 digit number but could remmeber his 8 digit or more army number. it'sd strange how peolpe today can't remmeber a pin number but years ago most remembered their army numbers.

Why ?

They aren;t unique a friend has used mine so a theif could bring their own.

Which is why I keep it by the computer.

scam sites don;t have access to your card reader.

Your probely in prison solitary confinement or something.

Another question what if you don;t have fingers or hands , or blind.

What if you don't have a brain....

what if......

Although I am a bit concerned about removing cash fares from buses.

Would they have had an NCO shouting at them till they remembered it?

One bank says that my PIN must "unique". Given that PINs are 4 digits and there are hundreds of millions of accounts...

Having it locked away prevents some light-fingered person removing it, whether that's of use to them or not. I know where to find it & don't have to serach through the junk on my desk. It hides the fact I have a Barclays account. I also don't have a Barclays debit card, but have a card that's used just with the reader - that's locked away with it. The card is surely tied to me or my account.

Barclays branches are like hen's teeth in Scotland, and not convenient to get to.

That's just simply the way aging works - you tend to remember things of the distant past of your youth better than things of the recent past. So, for example, I can remember most of my parents' phone numbers from my most distant childhood ... Watlington 52 Belgravia 3197 Andoversford 248 (I think) Cambridge 57275 (easy, a palindrome) ... but I have difficulty in remembering the local exchange part of my landline phone here, so always give my mobile number instead!

It's interesting to speculate on the survival value of that. On the face of it, you wouldn't think there was any, but perhaps for animals that live in groups, there is ...

In herds of elephants, when stricken by drought, it is the oldest matriarchs who can often lead the herd to an obscure source of water they visited once or twice in their youth (and this is why it can be particularly disastrous for herds to lose these oldest elephants, which tend to have the biggest tusks, to poaching - it's not just the body and companionship of the elephant that is lost, but also the knowledge and experience that they have acquired over a long life).

Perhaps this is true also of humans. More recent events will be remembered by many younger group members, so it makes more evoluti>

I volenteered to do that, but I decided to tell him what number to use . I told him to use the first 4 digits of his army number, sorted.

In this case my pin number would be Belgravia I could even wriute that on t eh card. I used to wroite a fake PIN number on my card.

or the things that are most important to them or the things that have been important to them. It's just loike passwords a friend of mine lost theor ac co0unt because they couldn;t remmeber thier password after 3 years but tehn again never actually typed it in. Whereas I tend to not let my browswer re mmeber my password for certain things, meaning if I have to tyoe them in pe rhaps 3 times a day I'll remmeber it, if it once every 3 years I won't.

Army number is hardly surpising it's drummed into you and repeated on countless forms or having to shout it out on parade etc. I remember my old old staff number, I was made redundant 21 years ago...

PINs I remember more from the keypad pattern than the actual number.

But which is card 1, which card 2? B-)

Which I can do but it's just the number of things that Barclays requires. If the PINSentry thing is so good whay does it need to be proped up by surname, membership number, etc...

On the page after surname and membership number where it's asking for the eight digit PINSentry number it wants the last 5 digits of the card used.

The Barclays site uses javascript based popups to enter infromation for a payment or view statements etc. All they do, even on a reasonable machine, is slow things down.

Security. And as I can get the computer to remember those and top forget them, I'm not fussed.

And that card is in your grubby hand. It's stuffed into the card reader at that point so what's the problem?

I think their last revamp of the site was completely unnecessary. But so what. It works well enough and as you're typing in a one-time password and you have to mention a card that you own and prove to the card reader that you have the card there and know its PIN, I feel reasonably confident of its security.

The number of times I have listened to colleagues in an office answering such questions, had I been so minded, I'd at least have a good idea what the full number might be!

The one benefit was that instead of having to remember their "membership number" I can choose to enter sort code and account number instead, which have been drilled into my brain for 30-odd years.

Well, a bit less secure I'd say. That info is on every cheque you dish out, whereas the member number is on a letter they sent you, which you've kept secure.

Haven't you.

eh? Everyone here knows my surname. Membership number is kept in the PINSentry device in the little laminated thing supplied by Barclays with nothing on it to say "keep secure" or "remember and destroy".

Any security is *purely* down to possesing a card associated with the login and knowing the card PIN so you can get the "random" 8 digit code. So why bother with all the other rubbish?

When it's stuffed into the reader only the last four digits are visible. Just not thought through nicely.

Agreed, all puff and marketing. I don't like service sites that try and sell you "extras". I want to pay a bill or check a statement not fend of ads for stuff I have no interest in, if I was I'd go an look.

It's as secure as an ATM... so why bother with surname and membership number?

Swap your card reader with someone who has an RBS/Natwest card reader, that'll throw a would be attacker off the scent, they are interchangeable, but as others have said, if an attacker has your card they can use their own reader anyway.