How Common Is Your PIN? (datagenetics.com)
phantomfive writes: We've seen password frequency lists; here is an analysis of PIN frequency with a nice heatmap towards the bottom. There is a line for numbers starting with 19*, which is the year of birth, a cluster around MM/DD for people's birthdays, and a hard diagonal line for the same digit repeated four times.
(Cthon98) hey, if you type in your pw, it will show as stars
(Cthon98) ********* see!
(AzureDiamond) hunter2
(AzureDiamond) doesnt look like stars to me
(Cthon98) (AzureDiamond) *******
(Cthon98) thats what I see
(AzureDiamond) oh, really?
(Cthon98) Absolutely
(AzureDiamond) you can go hunter2 my hunter2-ing hunter2
(AzureDiamond) haha, does that look funny to you?
(Cthon98) lol, yes. See, when YOU type hunter2, it shows to us as *******
(AzureDiamond) thats neat, I didnt know IRC did that
(Cthon98) yep, no matter how many times you type hunter2, it will show to us as *******
(AzureDiamond) awesome!
(AzureDiamond) wait, how do you know my pw?
(Cthon98) er, I just copy pasted YOUR ******'s and it appears to YOU as hunter2 cause its your pw
(AzureDiamond) oh, ok.
- http://bash.org/?244321
Which is monumentally STUPID! That leads to people writing it down just so they can remember it. I can see my idiot brother even writing it on the card so he doesn't have to remember it!
People get all panicked about "writing down their passwords." I have never seen a case where a hacker was able to reach through the internet and shoulder surf that piece of paper. Offline analog storage has a much better security profile than the average bureaucrat's Excel spreadsheet full of passwords.
Sure, local attacks on the paper are possible, but extremely rare when compared to online attacks. Paper records have a much lower risk profile.
John