Data retrieved from a batch of hacked password databases and security breaches reveals just how terrible many of us are at coming up with a decent PIN.
Nowadays, many devices are locked with fingerprint recognition or face ID scans.
But plenty of folks still revert to a simple 4-digit PIN when it comes to securing their phone or tablet.
Taking a look at the most popular PINs shows just how unimaginative we can be when setting them.
A staggering 10% of 4 digit pass codes are that old offender, 1234.
It should go without saying that this is easily guessable and hence not very secure.
The top ten PINs feature other simple patterns, like 1212and the sequence that appeals mainly to teenage boys and those who enjoy sniggering, 6969, as well as several strings of single repeating digits.
Is your PIN on the list?
The Top 10 Most Common 4 Digit PINs
If you’re using one of these PINs, your phone is an open book to anyone with five minutes to spare.
It’s plain to see that these numbers are popular because they’re easy to remember.
After all, why remember four numbers when you can just remember one number four times?
4 digits bad, 6 digits better
Considering that most of us unlock our phones dozens of times a day, it is rather strange that we make PINs so basic.
It’s a tricky trap to fall into: setting an easy PIN when you first get a phone, memorizing it that same day, then never wanting to change it again.
Unfortunately, having a weak PIN is one of the easiest ways to leave your device exposed to the world. Over 25% of PINs can be easily guessed by just inputting the 20 most popular numbers. That is a shocking lack of security.
But it gets worse. There are 10,000 unique numbers that can be made up of four digits. Now, that’s a lot of possibilities for a person to crack, but for a computer it’s child’s play.
With £40 and a few lines of code, the most amateur hacker can break past a 4-digit PIN in a matter of minutes.
Hacked and cracked
The ‘USB Rubber Ducky‘ is a low-cost, commercially available piece of kit that tricks devices into thinking it’s an ordinary keyboard. Once connected, it can be used to unlock phones with brute force – powering through those 10,000 unique PINs in no time at all.
The best way to protect yourself from this kind of attack is to simply upgrade your PIN.
A 6-digit PIN is only two more numbers to remember, but forces a Rubber Ducky to sift through 1 million options.
Adding letters or symbols by using a password instead of a PIN raises those possibilities to almost 200 billion.
Of course, the danger with longer PINs is the appeal of using something easy to remember. If something is easy to remember, then it’ll be easy to crack. Simple patterns, dates, sequences or repetitive numbers are simple work for both people and machines to get past.
Be imaginative when it comes to locking your phone and don’t be afraid to choose something difficult or unfamiliar – you’ll have it memorized in no time.