Is your PIN too easy to guess?

By Claes Bell · Bankrate.com
Monday, September 24, 2012
Posted: 3 pm ET

Is the personal identification number on your debit card your birth year? A year made famous by a movie title? The same digit repeated four times? It might be time to change it.

A new study by data analysis firm DataGenetics shows many consumers are making it way too easy for thieves to guess their PINs. Researchers combed the Internet for account numbers and PINs exposed by data breaches and looked at the PINs people chose. Overall, they found that thieves could unlock "a staggering 26.38 percent" of PIN-protected accounts by trying just 20 combinations out of a possible 10,000.

That's important, because many systems that use PINs tend to lock an account if someone makes more than a certain number of incorrect guesses while trying to access it. If a thief can guess the PIN with just a few tries because it's one of the most common, they may be able to gain access and clean out your checking account before it's locked.

Unfortunately, the study found that lots of people use some fairly obvious PINs.

  • Nearly 11 percent of the accounts surveyed had "1234" as their PIN.
  • Repeated digits were popular. More than 6 percent use "1111" and almost 2 percent use "0000."
  • PINs from movies were also popular, with "1984," "2001," "0007" and "0070" (for James Bond) in the top 30 PINs overall.
  • PINs that started with "19," probably marking an anniversary, birth year or some other important date for that person, made the list.

So what number should you use? Random numbers with no special significance may be hard to remember, but they do make the best PINs. DataGenetics found the number "8068" was the least-used PIN, but cautioned readers against using it on the grounds that hackers can read, too.
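
The patterns listed above can be checked at the moment a customer picks a PIN. The following is an added example, not code from the original article or from DataGenetics: a sketch of the check a card issuer could run at enrollment, with all function and variable names hypothetical. It goes slightly beyond the article by treating any run of consecutive digits the way it treats "1234."

```python
import re
import secrets

# PINs the article names as common, plus the "least-used" one it warns
# against now that it has been published. (Blocklist constructed from the page.)
NAMED_COMMON = {"1234", "1111", "0000", "1984", "2001", "0007", "0070"}
PUBLISHED_LEAST_USED = {"8068"}


def weak_pin_reasons(pin: str) -> list[str]:
    """Return why a 4-digit PIN should be rejected; an empty list means it passes."""
    if not re.fullmatch(r"[0-9]{4}", pin):
        raise ValueError("PIN must be exactly four digits")
    reasons = []
    if pin in NAMED_COMMON:
        reasons.append("named as a common PIN")
    if pin in PUBLISHED_LEAST_USED:
        reasons.append("published as the least-used PIN")
    if len(set(pin)) == 1:
        reasons.append("same digit repeated four times")
    if pin.startswith("19"):
        reasons.append("starts with 19, likely a year")
    # Assumption beyond the article: treat any run such as 2345 or 4321
    # (wrapping at 9/0) like 1234.
    steps = {(int(b) - int(a)) % 10 for a, b in zip(pin, pin[1:])}
    if steps in ({1}, {9}):
        reasons.append("consecutive digits")
    return reasons


def random_pin() -> str:
    """Draw a uniformly random PIN, retrying until it passes the checks above."""
    while True:
        pin = f"{secrets.randbelow(10_000):04d}"
        if not weak_pin_reasons(pin):
            return pin


if __name__ == "__main__":
    for candidate in ("1234", "1111", "1984", "1957", "8068", "4827"):
        print(candidate, weak_pin_reasons(candidate) or "ok")
    print("suggested:", random_pin())
```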

What do you think? Are people who pick an obvious PIN putting themselves in danger?

Follow me on Twitter: @ClaesBell.

12 Comments
Tim
September 28, 2012 at 12:18 am

One bank assigned a PIN at random. I have used that PIN for other accounts since. Totally random, but once memorized nobody could guess it.

DumBunny
September 27, 2012 at 5:16 pm

Take the number of times you say "Yes" on the day you choose your pin, and divide it by your weight that day. Use that percentage to determine the amount of moxie you have, so you can just multiply your height by your moxie, and record that number. It should be 4 digits, although sometimes it is 6.

EAR
September 27, 2012 at 4:13 pm

Number keypads have letters too, and those can be easier to remember.

John
September 27, 2012 at 2:41 pm

best pin...use some of the numbers on a dollar bill..plenty of them around..and change the sequence/or another set of numbers once every 60 days..another one is to use a phrase and leave the last word blank and only you will know the word..

Ron
September 27, 2012 at 12:17 pm

Any suggestions made here just give the hackers more ideas.

ChrisS
September 27, 2012 at 9:27 am

I use the last 4 digits of an old phone number, several homes ago.

snooki
September 27, 2012 at 9:16 am

Use your spouse's weight....nobody ever knows what that is....

adolf
September 27, 2012 at 5:53 am

Your mom's birthday

madihwa
September 27, 2012 at 1:30 am

A suggestion: to make it easy to remember but not quite as easy for others to guess, use the birth months of people in your family. Example: If you had children born in January, August and November, use the pin number 1811. All pin numbers I've ever heard of consisted of 4 numbers. You could also use their actual birth dates. If they were born the 9th, 5th and 10th you could use 9510.

Unknown
September 27, 2012 at 12:18 am

Best is more 10-15 digits than 4 digits.