Is it about time you changed your PIN?
Psst – I wanna tell you a secret
The most infrequently used and therefore arguably the best PIN is 8068. Well it was until it was revealed in the recent study of PIN usage by Data Genetics . This fascinating and statistical study also reveals the most commonly used PINs and therefore the ones most likely to be guessed.
What makes a poor PIN choice?
According to the stats, the most commonly used PIN is 1234. Out of the 3.4 million numbers surveyed, an amazing 374,000 were 1234. That’s 11% of those analysed. What little imagination some people have!
The top 20 PINs all come from the easy to remember category. PINs like:
It seems that PINs with lots of repetition and/or a pattern to them are the most frequently chosen. It is interesting that the PIN 2580 comes just outside of the top 20 at number 22. This looks like a random PIN until you realise that these are the numbers down the centre of a telephone keypad – another imaginative breakthrough!
Other easy to remember 4 figure numbers that make up PINs obviously come from years of birth. There is a disproportionate amount of PINs beginning with 19 which is bound to change to 20 as the population ages. Equally, day and month of birth also figure quite prominently.
Does it really matter?
Given that most devices/cards/locks that are protected by a PIN have a limit to the number of attempts that can be made before it locks itself, does it matter if a commonly used PIN is used? The chances of some bad guy getting hold of your device, a bank card for example, guessing the correct PIN has to be pretty small doesn’t it? Let’s think about it in a bit more detail. If I’m the bad guy and I get hold of a genuine bank debit card that I do not know the PIN for, I generally have 3 guesses before that card is locked.
If I take the top 3 most commonly used PINs as my starting point, I have a 1 in 5 chance of getting it right. Not bad odds and probably worth a gamble.
But the banks pay it back anyway, don’t they?
For credit/debit cards, unless the banks can prove the you have been grossly negligent with your PIN i.e. sticking it to your credit card, the general rule is that you will be reimbursed for any financial loss should your card be stolen and the PIN used to extract money. So, isn’t it simply a case of using the most convenient and easy to remember PIN and should it get compromised, wait for the banks to sort it out?
This may be true, but anyone who has gone through the process will know the sheer kerfuffle involved in replacing cards and reclaiming lost money should be enough to deter anyone from using a poorly chosen PIN. In addition, you may highlight yourself as an easy target – if you did it once, why not again.
Don’t bring unwanted attention on yourself just for the sake of 4 little numbers.
In our next blog in this series we provide our ten best tips to help you keep your PIN secure. We’ll post it here shortly.
Article by Paddy Keating ,Director/Government Service Manager at Ascentor.
Other articles you might like:
- How to create strong, memorable passwords that are difficult to crack
- Protect your systems from cyber crime with these 7 basic security controls