2
jakobev
6y

So... there is a bank. And the website for example is using "https". Alright. But the Login consists your login ID (in the most cases your account number) and a Pin number ( only 5 chars) If i remember pentesting, crunch etc a pin or password with 5 chars (included special characters) is fast hackable or not? Or is it super secure cuz of the "https"?

Comments
  • 2
    Does it have some captcha? Also it can have some rate limiter based on session / ip in backend..
  • 0
    @myss dang it! ofc 🤦‍♂️.. oh man didnt thought about it.. just forget it guys.
    i have to learn much more about IT security..
  • 1
    If the Captcha is old, you can implement something OCR, and do dynamic IP changing by switching rebooting or something similar
  • 0
    @inukinator you don't even need to reboot, just restart the Internet interface, or somehow dynamically reassign IP
Add Comment