The biggest problem with the mobile version of Passpack is typing a long Packing Key. People often type the wrong one and have to repeat the process. That’s painful on a touchscreen keyboard.
So, I have just released a solution that solves this problem: a 4 character PIN that substitutes your Packing Key. This PIN is device specific, in other words, you set up a different PIN for each phone and tablet.
It works in a very simple way:
- your Packing Key is encoded using a randomly generated key
- the random key is stored in the local storage of the broswer on your device
- the encrypted Packing Key is send to the our server with the PIN
Next time you login to Passpack on that device, you’ll be asked for the PIN instead of the Packing Key. You have 3 attempts to type the correct one. At the third mistake the PIN will be deleted and yo’ll need to type the Packing Key as usual.
When used with the Remember me option, this is a great time saver!
Managing PINs and devices
From the Settings page, you can see what devices you have already activated and, possibly, remove them.
This is particularly important if you lose your mobile device.
About security
Initially I was thinking to use a numeric touchpad, like the kind many apps use for PIN numbers. But the risk is that you could be tempted to use the same numeric PIN that you use to access your device – and that would be bad. We don’t want anyone who can enter your device to be able to enter your Passpack account as well.
For this reason, I decided to allow a text PIN. This way you have a really better PIN since you can use everything, included international characters. For example, your PIN can be a string like arfk or xsTT but you can also decide to use a crazy strong PIN like Aò高8 that would be impossible to be guessed in three attempt. This strongly increases the security as compared to, for example, an ATM PIN.
Note. The quick PIN system needs an HTML5 browser to work. If your browser is not compatible, you won’t see the option to activate the PIN.
