A report from Messente reveals that AI is now capable of cracking PIN codes in less than half a second. We're talking about four- or six-digit PINs like the PIN on bank cards or those used as security by certain services.
Are you also surprised that your bank card and certain services still use four-digit PINs? This is a shame, especially since much longer and more complex passwords never seem to be enough to secure your online accounts elsewhere. Conceived in the 1980s, the rather simplistic approach of the four-digit PIN (personal identifier number) to secure transactions and access has had its day.
And this is even more true with the advent of AI, which hackers are increasingly relying on. The better to shatter the now archaic security vestiges. A report by Messente (via Android Headlines) shows that it takes, on average, less than half a second to find a four-digit code using artificial intelligence.
The PIN is no longer enough to secure transactions
A problem that two-factor authentication would not fully address. Since the one-time code would only slightly delay access to an account or payment validation for a hacker using AI, the CEO of Messente explains: "For companies that use SMS or PIN verification processes, using weak PINs can leave customer accounts vulnerable, even when two-factor authentication is enabled."
This is cause for alarm at the persistence of these security measures, which it is certainly time to put away. But it also makes us wonder how to replace PINs and two-factor authentication with something much more secure. On the one hand, we must mention devices like Passkeys, which do away with codes in favor of a combination of a validation device (your smartphone) and biometric data (fingerprint, facial recognition, etc.).
However, these methods are not always possible to implement everywhere. With cases where entering codes remains necessary and desirable. For these, Messente recommends a multi-factorial approach. With one-time codes, time-based tokens, and possibly a PIN. This reduces the predictability of digital codes and therefore the ability of AI to break them.
0 Comments