What is the Difference Between Passwords and PINs

Historically, passwords have seen a lot of use since ancient times. The first verified use of passwords in the Roman military, where they were used to establish security and assure discipline – and they seem to have been an effective tool for that purpose. As times changed and the needs of human society evolved with that change, the purpose and pertinency of passwords has only increased – to the point where you can’t turn around nowadays without being asked for a password.

Well, that might be an exaggeration, but anyone who’s spent any time on the Internet will know that it’s not that gross of an overstatement. Every social network, every site, every forum, every emailing service requires almost anyone who uses it to have an account and inevitably – a password. Additionally, electronic locks are also quite common nowadays, both for office buildings and personal residences – not to mention that there are passwords put in place to provide identity verification on many real-life services. Even the manufacturers of padlocks sometimes forgo the need for keys in favor of a symbol combination on the lock itself.

Long story short – passwords are required everywhere, from the text box on your computer that you need to fill in order to access your emails, to the number you need to punch in the ATM keypad to get some cash to buy a burger. Or are they?

There is something of a philosophical discussion on the matter of exactly what constitutes a password and what differentiates it from a PIN, or personal identification number. Some have claimed that those two things are different – and, in a broader historical sense, that is true. For instance, passwords have been around since ancient times, and for the most part, they consisted of actual words that two parties exchanged as a form of identity verification. The PIN has only been around since the late sixties when it consisted of a simple numeric string that was used to verify the identity of an ATM’s customer.

However, in the present day, the line between a password and a PIN seems blurred. Most passwords in use currently have a much higher level of complexity, with most sites not allowing their users to set up an account with a password that does not contain at least a certain number or letters, symbols and numbers. Pins have also become alpha-numeric in many instances, so at this point the content of the string can’t be used to classify the method of identity verification as either a password or a PIN.

There are no rules as to what constitutes a password or a pin in terms of length, either - though on average, it seems that passwords tend to have a higher minimum symbol requirement than PINs.

An argument can be made that what the identity verification unlocks can be used to classify it as either a password or a PIN. For instance, passwords are used to grant access to assets or services provided remotely – such as your emails, while a PIN is used to unlock something local – such as a phone, or a door. However, that distinction falls flat when you consider the fact that the PIN was pioneered and popularized by the use of ATM machines – and they do not provide localized service. In fact, that’s their whole point – for the most part, you can use any ATM machine you wish to withdraw cash, even if it’s not your bank that owns said ATM. By the same token, you also have safes that require you to input passwords. So that can’t be it.

As far as logic and reason is concerned, the only possible major difference between a password and a pin is the fact that for the most part, PINs are used as an additional layer of identity verification – not the first and only defense of an account. You usually need to have an additional, sometimes – physical component, in order to actually use the pin. Case in point – the debit card you use to withdraw from an ATM. Or the device that you want to unlock – you need to actually have it on hand to be able to do so. They can also be used alongside passwords, or instead of passwords, though – so that’s also inconclusive.

Overall, the fact that there are no universal definitions as to what constitutes a password and a PIN makes them hard to distinguish. Additionally, the fact that they are used for similar functions and have similar content does not so much blur the line between the two, as it mostly erases it. This is why the two terms are mostly used interchangeably.

August 27, 2019