How mundane and widespread is your PIN?

Four-digit PIN codes are common in people’s daily lives: for their bank card, for a safe, for the SIM card, to unlock a smartphone or to access an online service. However, some sequences are used much more than others.

Are you using a PIN that uses a sequence like 0000, 1234 or 9999? “Congratulations”, you have opted for one of the most common combinations among Internet users. This is what a visualization offered by British computer graphic designer David McCandless reveals on his website Information is beautiful.

This infographic, which https://twitter.com/PierreArlais/status/1788897736818937871 attention on social media, is based on an analysis conducted by Nick Berry, a data scientist who operated the site Data Genetics. Nick Berry conducted a study in 2012 on a data aggregate integrating 3.4 million PIN codes from various sources.

It is this work which has been adapted by David McCandless, into a double entry table, with a heat map system. The more the PIN code is used, the more it turns white. The less common it is, the more black it goes. We can thus see at a glance a map of the most common codes and those which are the rarest.

type="image/avif"> type="image/webp">>>
The lighter the boxes, the more common it is. // Source: David McCandless

The most common and rarest PIN codes

The infographic contains several rather fascinating indications: a group of twenty PIN codes constitutes 27% of the most frequent occurrences in the mass of 3.4 million sequences. We also have a list of the twenty least used PINs, such as 8557, 8196 and 8398. Useful if you don’t want to follow the crowd.

The map also makes it possible to distinguish thermal zones that are stronger than others, or particular lines/diagonals. This reflects a fairly common mistake among Internet users: we use identical combinations (0000, 1212, 8888, 9898, etc.), our year of birth, or a mix between the day and the month.

In other words, PIN codes are potentially easier to find, especially if you do a little social engineering — to make someone say their date of birth, if they ever use it as a word exceeds. This is all the more plausible as these codes can be requested on Netflix, Messenger or even Doctolib, for example.

type="image/avif"> type="image/webp">An account protected by a PIN code on Disney+ // Source</a>: Disney+>>An account protected by a PIN code on Disney+ // Source</a>: Disney+
A PIN-protected account on Disney+. // Source: Disney+

This remark, however, deserves to be qualified; in fact, the data that was used in Nick Berry’s study is now old (more than ten years old). Additionally, not all PINs are necessarily four digits long. On Messenger, you need a combination containing six digits, which is a little more secure.

That being said, the infographic should be an incentive to take a less common PIN code, whether for your phone, the hotel room safe or the SIM card. We can also remember that there are worse things: to unlock a smartphone, there are even weaker methods, such as the pattern, the simple swipe of the screen or even worse, nothing at all.

If you can opt for a longer PIN, that’s a plus. In general, you should refrain from using codes or passwords that are too short (less than eight is highly discouraged). Biometrics-based solutions can also be an option, although they also face certain threats.

The best password managers

See all MDP managers


Subscribe to Numerama on Google News so you don’t miss any news!

-

-

PREV Mazamet. A “Not so stupid” day at the Maison du Bois et dutoy
NEXT Tournefeuille. Dragons Ladies fight cancer with paddles