Remember meForgot password?
    Log in with Twitter
Blog Posted in avatar   Callum Stewart's Blog

How Easy is it Really to guess a PIN?

By Callum Stewart
Posted Sep 20, 2012 in Technology
How easy would it be for a thief to guess your four-digit PIN?
If he were forced to guess randomly, his odds of getting the correct number would be one in 10,000 - or, if he has three tries, one in 3333.
But if you were careless enough to choose your birth date, a year in the 1900s, or an obvious numerical sequence, his chances go up. Way up.
Researchers at the data analysis firm Data Genetics have found that the three most popular combinations - 1234, 1111, and 0000 - account for close to 20 per cent of all four-digit passwords.
Meanwhile, every four-digit combination that starts with 19 ranks above the 80th percentile in popularity, with those in the late - er, upper - 1900s coming in the highest.
Also quite common, in the US at least, are MM/DD combinations - those in which the first two digits are between 01 and 12 and the last two are between 01 and 31.
So choosing your birthday, your birth year, or a number that might be a lot of other people's birthday or birth year makes your password significantly easier to guess.
On the other end of the scale, the least popular combination - 8068 - appears less than 0.001 per cent of the time. (Although, as Data Genetics acknowledges, you probably shouldn't go out and choose 8068 now that this is public information.)
Rounding out the bottom five are 8093, 9629, 6835, and 7637, which are all nearly as rare.
Data Genetics came up with the numbers by analysing a database of 3.4 million stolen passwords that have been made public over the years. Most of these are passwords for websites. But by looking specifically at those that comprise exactly four characters, all of which are numerals, the researchers figured they could get a decent proxy for ATM PINs as well.
One would hope, of course, that fewer people choose 1234 to protect their bank accounts than to log in to random websites. But Data Genetics found some circumstantial evidence to support its hypothesis that there are some strong correlations between the two.
For instance, the combination 2580 was the 22nd-most popular in their data set. Why so high? Probably because those four numbers appear in a single column from top to bottom on a phone or ATM keypad. On most computer keyboards, they do not.

More about Pin, Credit, Card, Easy