
Hash the member PIN code #602

Open

emanuelen5 opened this issue Dec 29, 2024 · 2 comments
Labels
public:member Member part of the public interface

Comments

emanuelen5 (Member) commented Dec 29, 2024

People tend to use a familiar PIN code when they change it manually, so let's hash it so it can't be read back from the backend.

@emanuelen5 emanuelen5 added the public:member Member part of the public interface label Dec 29, 2024
HalfVoxel (Contributor) commented Dec 30, 2024

Right now we allow people to view their pin code on the member portal. This would no longer be possible, in that case.
Also: the pin code is only 4 digits. Any hash could be almost trivially brute-forced.

In any case, I think we should deprecate the pin code now that passwords are properly supported for regular members. I don't see why we should have two password-like systems.
Memberbooth already supports logging in using either the pin code or the password.
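The point raised above, that a hash of a 4-digit PIN can be walked exhaustively, as an added example (not code from the makerspace project or its authors): it stores a constructed PIN under a salted SHA-256 and under PBKDF2-HMAC-SHA256, walks all 10 000 candidates against the stored value, and scales the cost of one hash evaluation to the whole keyspace. The PIN `4711`, the 16-byte salt, the iteration count and the function names are assumptions chosen for the example.

```python
import hashlib
import hmac
import os
import time
from typing import Callable, Optional, Tuple

PIN_LENGTH = 4
KEYSPACE = 10 ** PIN_LENGTH  # every 4-digit PIN, "0000" .. "9999"

HashFn = Callable[[str, bytes], bytes]


def hash_pin_fast(pin: str, salt: bytes) -> bytes:
    """Salted SHA-256 of a PIN: what a naive 'just hash it' change would store."""
    return hashlib.sha256(salt + pin.encode()).digest()


def hash_pin_slow(pin: str, salt: bytes, iterations: int = 100_000) -> bytes:
    """PBKDF2-HMAC-SHA256: a deliberately slow password hash (iteration count is an assumption)."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations)


def guesses_to_exhaust(stored: bytes, salt: bytes, hash_fn: HashFn) -> Tuple[int, Optional[str]]:
    """Walk the whole 4-digit keyspace against one stored hash.

    Returns (candidates tried, matching PIN or None). Given the stored hash and
    its salt, the work is bounded by KEYSPACE evaluations whatever hash_fn is.
    """
    for n in range(KEYSPACE):
        candidate = f"{n:0{PIN_LENGTH}d}"
        if hmac.compare_digest(hash_fn(candidate, salt), stored):
            return n + 1, candidate
    return KEYSPACE, None


def estimated_exhaust_seconds(hash_fn: HashFn, salt: bytes, samples: int = 5) -> float:
    """Time one hash evaluation and scale it to the full keyspace."""
    start = time.perf_counter()
    for _ in range(samples):
        hash_fn("1234", salt)
    per_call = (time.perf_counter() - start) / samples
    return per_call * KEYSPACE


if __name__ == "__main__":
    salt = os.urandom(16)
    stored = hash_pin_fast("4711", salt)  # constructed example PIN
    tried, found = guesses_to_exhaust(stored, salt, hash_pin_fast)
    print(f"salted SHA-256: PIN {found} matched after {tried} of {KEYSPACE} guesses")
    print("estimated time to walk every 4-digit PIN:")
    print(f"  SHA-256: {estimated_exhaust_seconds(hash_pin_fast, salt):.4f} s")
    print(f"  PBKDF2:  {estimated_exhaust_seconds(hash_pin_slow, salt):.1f} s")
```

The PBKDF2 figure is an estimate from timing a single call rather than a full walk, but the shape of the result is the same either way: a slow hash multiplies a fixed 10 000-guess budget by a constant, so for a secret this small the choice of hash function changes seconds, not feasibility.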

emanuelen5 (Member, Author) commented

> Right now we allow people to view their pin code on the member portal. This would no longer be possible, in that case.

Yes.

> I don't see why we should have two password-like systems.

The PIN code serves a different purpose than the password.

  • The PIN code doesn't protect any sensitive information (only for printing labels and show access).
  • The password is used for logging in to the admin page, where there is sensitive information.

I want the PIN to be easy to type so that I can easily log in to the Memberbooth. But I certainly wouldn't want my password to be that easy. And I (including probably many more) use a password manager that generates the passwords for me, so they are also hard to type.
