Skip to main content
Ch. 3 - Probability
Larson - Elementary Statistics: Picturing the World 8th Edition
Larson8th EditionElementary Statistics: Picturing the WorldISBN: 9780137493470Not the one you use?Change textbook
All textbooksLarson 8th EditionCh. 3 - ProbabilityProblem 3.RS.3b
Chapter 3, Problem 3.RS.3b

You work in the security department of a bank’s website. To access their accounts, customers of the bank must create an 8-digit password. It is your job to determine the password requirements for these accounts. Security guidelines state that for the website to be secure, the probability that an 8-digit password is guessed on one try must be less than 1/60^8, assuming all passwords are equally likely.
Your job is to use the probability techniques you have learned in this chapter to decide what requirements a customer must meet when choosing a password, including what sets of characters are allowed, so that the website is secure according to the security guidelines.
3. For additional security, each customer creates a 5-digit PIN (personal identification number). The table on the right shows the 10 most commonly chosen 5-digit PINs. From the table, you can see that more than a third of all 5-digit PINs could be guessed by trying these 10 numbers. To discourage customers from using predictable PINs, you consider prohibiting PINs that use the same digit more than once.
b. Would you decide to prohibit PINs that use the same digit more than once? Explain.

Verified step by step guidance
1
Step 1: Begin by analyzing the probability of guessing an 8-digit password correctly on one try. The total number of possible passwords depends on the set of characters allowed (e.g., digits, letters, special characters). For example, if only digits are allowed, there are 10 choices (0-9) for each of the 8 positions, resulting in a total of 10^8 possible passwords. Use the formula for probability: P = 1 / (total number of possible passwords).
Step 2: Compare the calculated probability of guessing an 8-digit password to the security guideline threshold of 1 / 60^8. If the calculated probability is greater than the threshold, additional requirements (e.g., expanding the character set or increasing password length) must be implemented to reduce the probability below the threshold.
Step 3: For the 5-digit PINs, analyze the table provided to determine the proportion of PINs that are predictable based on the 10 most commonly chosen PINs. Calculate this proportion by dividing the number of predictable PINs (10) by the total number of possible PINs (10^5 if only digits are allowed). This will give the fraction of PINs that are predictable.
Step 4: Evaluate the impact of prohibiting PINs that use the same digit more than once. If repetition is prohibited, the number of possible PINs decreases because each digit must be unique. Calculate the new total number of possible PINs using permutations: P(n, r) = n! / (n - r)!, where n is the total number of digits (10) and r is the length of the PIN (5). Compare this new total to the original total to assess whether prohibiting repetition significantly reduces the pool of possible PINs.
Step 5: Consider the trade-offs of prohibiting repetition. While it may reduce predictability, it also limits customer choice and may not fully address the issue of commonly chosen PINs. Propose alternative strategies, such as requiring PINs to include a mix of digits or prohibiting the 10 most commonly chosen PINs directly, to enhance security without overly restricting customer options.

Verified video answer for a similar problem:

This video solution was recommended by our tutors as helpful for the problem above.
Video duration:
3m
Was this helpful?

Key Concepts

Here are the essential concepts you must grasp in order to answer the question correctly.

Probability

Probability is a measure of the likelihood that a particular event will occur, expressed as a number between 0 and 1. In the context of password security, it helps determine how many possible combinations exist for a given password length and character set. For example, if a password consists of 8 digits, the total number of combinations can be calculated to assess the security level against guessing attempts.
Recommended video:
5:37
Introduction to Probability

Character Set

A character set refers to the collection of characters that can be used to create passwords or PINs. This can include digits, letters, and special symbols. The size of the character set directly impacts the total number of possible combinations; for instance, using only digits (0-9) limits the options compared to including uppercase and lowercase letters and symbols, thereby affecting the overall security.
Recommended video:
Guided course
03:26
Calculating the Median

Predictability and Uniqueness

Predictability in passwords or PINs refers to how easily a password can be guessed based on common patterns or frequently used combinations. Uniqueness is the quality of being distinct and not easily replicated. Prohibiting the use of repeated digits in PINs enhances uniqueness, making it harder for attackers to guess, especially if many users tend to choose common or predictable numbers.
Recommended video:
Guided course
09:00
Prediction Intervals
Related Practice
Textbook Question

A person's building access code is their first and last initials and four digits.

You know a person's first name only, and you know that the last digit is odd. What is the probability of guessing this person's code on the first try?

Textbook Question

7. There are 16 students giving final presentations in your history course.

b. Presentation subjects are based on the units of the course. Unit B is covered by three students, Unit C is covered by five students, and Units A and D are each covered by four students. How many presentation orders are possible when presentations on

the same unit are indistinguishable from each other?

Textbook Question

4. The table on the left shows the secondary school student enrollment levels (in thousands by grade) in Oklahoma and Texas schools in a recent year. (Source: U.S. Nation

for Education Statistics)

A student in one of the indicated grades and states is randomly selected. Find the probability of selecting a student who

d. is enrolled in Texas, given that the student is in twelfth grade.

Textbook Question

You work in the security department of a bank’s website. To access their accounts, customers of the bank must create an 8-digit password. It is your job to determine the password requirements for these accounts. Security guidelines state that for the website to be secure, the probability that an 8-digit password is guessed on one try must be less than 1/60^8, assuming all passwords are equally likely.

Your job is to use the probability techniques you have learned in this chapter to decide what requirements a customer must meet when choosing a password, including what sets of characters are allowed, so that the website is secure according to the security guidelines.

2. Answering the Question

a. What password requirements would you set? What characters would be allowed?

1
views
Textbook Question

In Exercises 29-32, find the probability.

31. A 12-sided die, numbered 1 to 12, is rolled. Find the probability that the roll results in an odd number or a number less than 4.

Textbook Question

In Exercises 35–38, the bar graph shows the results of a survey in which 8806 undergraduate students were asked how many hours they spend on studying and other academic activities outside of class in a typical week. (Source: American College Health Association)

" style="" width="480">

37. Find the probability of randomly selecting an undergraduate who does not study from 6 to 10 hours per week.