Slashdot Mirror


How Common Is Your PIN? (datagenetics.com)

phantomfive writes: We've seen password frequency lists, here is an analysis of PIN frequency with a nice heatmap towards the bottom. There is a line for numbers starting with 19*, which is the year of birth, a cluster around MM/DD for people's birthdays, and a hard diagonal line for the same digit repeated four times.
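The three structures named in the summary (19xx years, MM/DD birthdays, one digit repeated four times) can be written down as a PIN-selection check and counted over the whole 10,000-PIN keyspace. This is an added example, not code from the linked article or the submission; the function names and pattern labels are assumptions made for illustration.

```python
from datetime import date

def pin_patterns(pin):
    """Return the set of summary patterns that a 4-digit PIN matches."""
    if len(pin) != 4 or not pin.isascii() or not pin.isdigit():
        raise ValueError("PIN must be exactly four ASCII digits")
    found = set()
    if pin.startswith("19"):            # the 19* line: year of birth
        found.add("birth-year")
    if len(set(pin)) == 1:              # the diagonal: 0000, 1111, ...
        found.add("repeated-digit")
    try:
        # MM/DD cluster; 2000 is a leap year, so 0229 counts as a date
        date(2000, int(pin[:2]), int(pin[2:]))
        found.add("birthday-mmdd")
    except ValueError:
        pass                            # not a calendar date
    return found

def acceptable(pin):
    """Policy check: reject a PIN that falls into any of the patterns."""
    return not pin_patterns(pin)

def keyspace_coverage():
    """Count how many of the 10,000 PINs fall into each pattern."""
    counts = {"birth-year": 0, "repeated-digit": 0,
              "birthday-mmdd": 0, "any": 0}
    for n in range(10_000):
        hits = pin_patterns(f"{n:04d}")
        for name in hits:
            counts[name] += 1
        if hits:
            counts["any"] += 1
    return counts

if __name__ == "__main__":
    print(keyspace_coverage())
    for sample in ("1984", "1111", "1225", "1234", "8068"):  # constructed samples
        print(sample, sorted(pin_patterns(sample)) or "no pattern")
```

Together the three patterns cover 475 of the 10,000 possible PINs. Note that 1234 matches none of them, so a selection policy built only on the patterns in the summary still lets simple sequences through.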

25 of 114 comments

  1. hey, if you type in your pw, it will show as stars by Anonymous Coward · · Score: 5, Funny

    (Cthon98) hey, if you type in your pw, it will show as stars
    (Cthon98) ********* see!
    (AzureDiamond) hunter2
    (AzureDiamond) doesnt look like stars to me
    (Cthon98) (AzureDiamond) *******
    (Cthon98) thats what I see
    (AzureDiamond) oh, really?
    (Cthon98) Absolutely
    (AzureDiamond) you can go hunter2 my hunter2-ing hunter2
    (AzureDiamond) haha, does that look funny to you?
    (Cthon98) lol, yes. See, when YOU type hunter2, it shows to us as *******
    (AzureDiamond) thats neat, I didnt know IRC did that
    (Cthon98) yep, no matter how many times you type hunter2, it will show to us as *******
    (AzureDiamond) awesome!
    (AzureDiamond) wait, how do you know my pw?
    (Cthon98) er, I just copy pasted YOUR ******'s and it appears to YOU as hunter2 cause its your pw
    (AzureDiamond) oh, ok.

    - http://bash.org/?244321

  2. 1234 passwords by Anonymous Coward · · Score: 3, Interesting

    Those 1234 passwords that people always talk about, those are just from temporary e-mail addresses that people create when they want something anonymous.
    I've created plenty of accounts with incredibly easy passwords, because I only used them once and didn't care if the accounts would be hacked a minute after creation.
    PIN numbers are not the same thing as passwords.
    This is not an analysis of PIN frequency, it's an analysis of 4-digit numeric-only passwords.

    1. Re:1234 passwords by unixisc · · Score: 3, Interesting

      I'm thinking particularly of the pin# for Windows 10. For some things, I pick numbers that few will think of other than me. For others, like say my work account, I picked the 4-digit number of the building of my employer's headquarters, since there's a good chance that I'd have to share that w/ colleagues.

      I don't exactly see the point of trying to create a complicated PIN, since there are just 10,000 combinations. So might as well pick something that's easily remembered.

  3. Ha... by Type44Q · · Score: 3, Funny

    My psycho/retard ex would *always* use "0852" for her PIN. Why? Sheer fucking laziness.

  4. Not even PIN data by OzPeter · · Score: 3, Informative

    From TFA

    Obviously, I don’t have access to a credit card PIN number database. Instead I’m going to use a proxy. I’m going to use data condensed from released/exposed/discovered password tables and security breaches.

    By combining the exposed password databases I’ve encountered, and filtering the results to just those rows that are exactly four digits long [0-9] the output is a database of all the four digit character combinations that people have used as their account passwords.

    --
    I am Slashdot. Are you Slashdot as well?

    1. Re:Not even PIN data by jbmartin6 · · Score: 2

      TFA also explains why the author believes the dataset is relevant for ATM PINs and similar.

      --
      This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.

    2. Re:Not even PIN data by ShanghaiBill · · Score: 2

      I would guess that it's a reasonable proxy for PINs that people get to choose themselves

      I don't think so. I often use something like "1234" for some stupid throwaway account on a website that shouldn't even have accounts in the first place. But I use something pseudo-random (meaningful to me, but random to anyone else) for anything important, like a bank card.

  5. At least my pin 8068 is safe by mdsolar · · Score: 4, Funny

    Oh, wait...

    1. Re:At least my pin 8068 is safe by penix1 · · Score: 2

      Which is monumentally STUPID! That leads to people writing it down just so they can remember it. I can see my idiot brother even writing it on the card so he doesn't have to remember it!

      --
      This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.

    2. Re:At least my pin 8068 is safe by plover · · Score: 5, Interesting

      Which is monumentally STUPID! That leads to people writing it down just so they can remember it. I can see my idiot brother even writing it on the card so he doesn't have to remember it!

      People get all panicked about "writing down their passwords." I have never seen a case where a hacker was able to reach through the internet and shoulder surf that piece of paper. Offline analog storage has a much better security profile than the average bureaucrat's Excel spreadsheet full of passwords.

      Sure, local attacks on the paper are possible, but extremely rare when compared to online attacks. Paper records have a much lower risk profile.

      --
      John

    3. Re: At least my pin 8068 is safe by cloudmaster · · Score: 4, Funny

      I have a Post-It stuck to the bottom of my keyboard with the word "pa$$word1" written on it, and have for years. I like to imagine that one day someone will try logging in to my account with that, thinking to themselves "wow, the sysadmin has a terrible password" just before it doesn't work.

      It's the little things that get you through the day...

    4. Re: At least my pin 8068 is safe by KGIII · · Score: 4, Insightful

      You should find a way to use it as the duress password so that, if used, it sets off a loud klaxon alarm complete with the brilliant strobing lights. It would be awesome.

      --
      "So long and thanks for all the fish."

  6. Super old blog by MrLogic17 · · Score: 4, Informative

    I thought this blog posting on PIN numbers looked familiar - then I looked at the publish date. September 3rd, 2012.

    Um, guys?

  7. This is why I use... by Anonymous Coward · · Score: 4, Funny

    the last four digits of Pi for my PIN.

    1. Re: This is why I use... by cerberusss · · Score: 2

      There's God the Father, God the Sun, and God the Holy Ghost

      So, it's basically, God, Ra, and God again? :-P

      --
      8 of 13 people found this answer helpful. Did you?

  8. Re:hey, if you type in your pw, it will show as st by epyT-R · · Score: 3, Insightful

    Still funny today.

  9. The price of a cheese.... by Santas+L+Helper · · Score: 2

    The price of a cheese pizza and large soda at Panucci's Pizza. $10.77.

  10. Interesting by jbmartin6 · · Score: 4, Interesting

    Just a quick overview, but it appears the selection of PINs obeys Benford's Law

    --
    This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.

  11. No respect for Tommy Tutone by antifoidulus · · Score: 2

    I can't believe "5309" isn't in the top 10, don't people love Jenny anymore?

    1. Re:No respect for Tommy Tutone by Anonymous Coward · · Score: 2, Informative

      "The fourth most popular seven digit password is 8675309"

  12. Re:42069? What is it? by Frosty+Piss · · Score: 3, Insightful

    420 = weed.
    69 is, well, 69.

    You may continue to speculate...

    --
    If you want news from today, you have to come back tomorrow.

  13. Re:Weird by plover · · Score: 3, Interesting

    Back in the eighties, I was opening a bank account and the guy told me to pick a PIN. I pulled out my trusty Casio programmer's calculator, hit the random button 4 times, and wrote down the last digit of each.

    So, no. You're not alone.

    --
    John

  14. Safe! by rebelwarlock · · Score: 3, Funny

    Ha! 1337 didn't even make the list!

  15. Looks like it's 1234 by spiritplumber · · Score: 4, Funny

    incredible! it's the same PIN as my luggage!

    --
    Liberty - Security - Laziness - Pick any two.

  16. factor in the importance of data being protected by dwater · · Score: 2

    I would be interested in seeing the results of an investigation into a similar study that also factors in the importance of what is *behind* the password.

    I don't think I'm the only one who puts more effort into choosing a 'good' password for things that are of value. I choose really quite poor passwords for things I really don't care about - eg have no sensitive information behind the login. For things like cash point cards, and other things in front of my actual money, I attempt to use much better passwords.

    I think there are many things of little or no value, while just a few of high value. I guess this might skew the numbers somewhat. It's probably quite difficult to factor in this aspect, but it makes me question the conclusions.

    --
    Max.