How Predictable Is Your PIN Code?

By Eric Andring, Information Security Officer, Bell State Bank & Trust

If you lost your ATM card or credit card, how easy would it be for someone to guess your personal identification number (PIN) and either clean out your bank accounts or charge excessive amounts on your credit cards? It would be very easy if your PIN is on the top 20 list (see chart).

It doesn’t always take a rocket scientist to guess the most commonly used PINs, as some of them can easily be found by searching online. In this case, however, I am citing research and statistics compiled by Nick Berry, rocket scientist, president, and founder of DataGenetics, a Seattle technology consultant service company. Berry’s research was conducted with previously released and exposed data from security breaches.

The digits 0-9 can be arranged into 10,000 possible 4-digit PIN codes. While conducting research, Berry analyzed and tested approximately 3.4 million 4-digit passwords. Every combination of digits from 0000 through 9999 was represented in his research. To the left are the top 20 most commonly used PINs.

- The most popular PIN (11% of all PINs) is 1234.

- The second most popular PIN (over 6% of all PINs) is 1111.

- The third most popular PIN (approximately 2% of all PINs) is 0000.

Berry’s research shows that the top 20 PINs represent close to 27% of all PINs used. Berry said in his research that people have a “staggering lack of imagination” when it comes to selecting passwords.

Because people can choose the numbers they use for their PIN, many may use the same PIN for all of the services requiring the same PIN length. People try to make their PINs easy to remember and often make them very easy to guess. Many of the frequently used PINs can be read as significant years, where the first two digits (19xx) are easy to guess. It appears that many people choose a birth year or a birth date in the MMDD format. Repeating numbers or couplets (4545, 1313) are also popular. These methods definitely help people remember their code, but they greatly increase the predictability of the PIN.
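The patterns described above can be checked automatically when a PIN is chosen. The following is an added illustration, not code from Berry's research or from any bank's system; the function names are hypothetical, and only the three PINs named in this article are listed because the full top 20 chart is not reproduced here.

```python
from datetime import date

# The three most popular PINs named in the article (the full chart is not reproduced).
TOP_PINS_FROM_ARTICLE = {"1234", "1111", "0000"}


def _is_mmdd(pin):
    """True when the PIN reads as a valid calendar date in MMDD form."""
    month, day = int(pin[:2]), int(pin[2:])
    try:
        date(2000, month, day)  # 2000 is a leap year, so 0229 is accepted
        return True
    except ValueError:
        return False


def pin_weaknesses(pin):
    """Return the predictable patterns from the article that a 4-digit PIN matches."""
    if len(pin) != 4 or not (pin.isascii() and pin.isdigit()):
        raise ValueError("PIN must be exactly four digits")
    found = []
    if pin in TOP_PINS_FROM_ARTICLE:
        found.append("top PIN named in the article")
    if pin.startswith("19"):
        found.append("year 19xx")
    if _is_mmdd(pin):
        found.append("date in MMDD format")
    if pin[:2] == pin[2:]:
        found.append("repeated couplet")
    return found


def predictable_count():
    """Number of the 10,000 possible PINs that match at least one pattern."""
    return sum(1 for n in range(10000) if pin_weaknesses(f"{n:04d}"))


if __name__ == "__main__":
    # Constructed sample PINs, chosen to hit each pattern once.
    for sample in ("1234", "1985", "0704", "4545", "8306"):
        print(sample, pin_weaknesses(sample) or "no listed pattern")
    print(predictable_count(), "of 10000 PINs match a listed pattern")
```

An empty result means only that the PIN avoids these particular patterns; a PIN on the top 20 chart may still pass this check.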

Disclaimer

You might ask, “Why would we want you to be familiar with this information?” Obviously, this is not to help you become a PIN hacker, but to inform you that the PINs you may be using every day may need to be updated or changed to better protect yourself. If your PIN is listed above or you are using some of the common “easy to remember” techniques, you may want to consider changing your PIN to decrease the chances for fraudulent activity where a PIN is required.
