I find some cases (especially in online games) that a software or website asks users to enter an additional password, such as 4 or 6 digit pin numbers, in addition to their original password. Most of the cases, pin is prompted immediately after users successfully logs in with their username and password.
Is this really necessary?
Does an additional password makes the site or software more secure?
In what scenarios that it is needed to use an additional password?
EDIT:
Thank you for all your answers.
But what I really mean by "pin" is a secret code that has the same usage / behavior as a password.
The "pin" is secret, can be changed by user, and probably hashed & stored in a database the same way like a password does.
Here's one example I encountered in an online game:
When a user enters/runs the game for the first time, the game prompts to enter a "pin" consists of 4 digit numbers. This pin can be changed later.
The pin is always used whenever another time the user logs in, and is prompted after the user enters his/her username and password.
Aucun commentaire:
Enregistrer un commentaire