Is the personal identification number on your debit card your birth year? A year made famous by a movie title? The same digit repeated four times? It might be time to change it.
A new study by data analysis firm DataGenetics shows many consumers are making it way too easy for thieves to guess their PINs. Researchers combed the Internet for account numbers and PINs exposed by data breaches and looked at the PIN numbers people chose. Overall, they found that thieves could unlock “a staggering 26.38 percent” of PIN-protected accounts by trying just 20 combinations out of a possible 10,000.
That’s important, because many systems that use PINs tend to lock an account if someone makes more than a certain number of incorrect guesses to try and access it. If a thief can guess the PIN with just a few tries because it’s one of several of the most common, they may be able to gain access and clean out your checking account before it’s locked.
Unfortunately, the study found that lots of people use some fairly obvious PINs.
- Nearly 11 percent of the accounts surveyed had “1234” as their PIN.
- Repeated digits were popular. More than 6 percent use “1111” and almost 2 percent use “0000.”
- PINs from movies were also popular, with “1984, “2001,” “0007” and 0070 (for James Bond) in the top 30 PINs overall.
- PINs that started with “19,” probably marking an anniversary, birth year or some other important date for that person, made the list.
So what number should you use? Random numbers with no special significance may be hard to remember, but they do make the best PINs. DataGenetics found the number “8068” was the least-used PIN, but cautioned readers against using it on the grounds that hackers can read, too.
What do you think? Are people who pick an obvious PIN putting themselves in danger?
Follow me on Twitter: @ClaesBell.
