In an almost humorous way, researchers at Data Genetics did an interesting survey on the safest and unsafest four digit pin numbers recently. They’d found the safest code of all – and then promptly released it, making it the unsafest PIN number.
Using 3.4 million random 4 digit PIN numbers that we use in everything from our ATMs to a code that tells a customer service representative we are indeed who we say we are, the number combination of 8068 was used only twenty five times. That’s a safe number, no doubt. Or it was until those researchers published that number and crowned it the safest of all. We don’t recommend you choose that number. In fact, every financial safety manager is discouraging it. Some say it’s going to be the second tried number by thieves looking to figure those numbers out. The first number they’re going to try is 1234, which, for some strange reason, is still the most commonly used PIN number in the world. At some point, you’d think banks and credit card companies would issue a disclaimer that anyone using that combination is on their own if their accounts are illegally accessed. So common is it that 11% of us choose that number combination.
There’s an element of psychology behind our reasons for choosing PIN numbers. Obviously, we try to choose those that we can remember, as there’s nothing more frustrating than going through a maddening series of hoop jumps to reset them. Researchers found a common element: many PIN numbers begin with 19. The reason is because most adults have important dates that begin with 19. You might have gotten married in 1995, so you choose that as your PIN. Your first child might have been born in 1990 – and you use that number. The jerk you married in 1995 finally gave you a divorce in 1998- and you promptly change all your PIN numbers to that happier year.
So what are our other “human condition” choices? Many of us choose one number: 5555 or 9999. Others choose 2580 (in fact, it came in number 22 on the list of commonly used PIN numbers). The reason being that those four numbers go straight down an ATM keypad. Many choose backwards numbers: 4321 or 9876 while still others have at least one number repeated twice: 5458 or 1719.
Remember a few years ago when banks and credit card companies, in their efforts of reducing theft, began requiring 7 digit numbers? Their efforts didn’t help since most of us choose 7777777 or 1111111 or 1234567. Then, many banks started using 9 digits, but the security efforts of consumers didn’t improve. Nine numbers meant we use 987654321 and for those banks that used six digits, the most commonly used combination was 123123. At the risk of planting an annoying tune in your head the rest of the day, remember that song from the 80s by Tommy Tutone? He sang about Jenny and how he begged her to not “lose his number”, which was 8675309. Turns out, Jenny wasn’t the only one who remembered his number since many of us use it as our PIN numbers.
Here’s the alarming fact, though: a whopping 10% of prepaid cards, credit card and bank accounts can be hacked with one guess. The mathematicians came up with another interesting fact: after those combinations/series re used, the remaining ATM and other PIN numbers are made up of only 61 variations.
If you’re one of those guilty souls who choose ease and convenience, you might want to rethink that mindset – especially since this report’s been released. If you have to use important dates (like 90% of us do), then use combinations. Use the month of your first born with the year your wife was born. Use the year of your youngest daughter with the month your mother was born: 9104 (your youngest daughter was born in 1991 and your mom’s birthday is in April). Skip the obvious and make sure each PIN number is different.
Recently, hundreds of thousands of Yahoo email users had their information hacked. Smart these hackers were – they assumed – and correctly – that people used the same passwords across the board. My mistake? Using it for PayPal too. Once they were in, they could have easily scanned emails and seen notices from banks, PayPal, Facebook and even Visa (which is what happened in my case). They already knew the email address associated with those accounts, so it was no problem trying to log in with the same passwords. It worked.
Needless to say I changed every single password (of course, I received emails from Amazon, WordPress and a host of other companies requiring I change my password). It took close to a day to get it all changed. Also, analysts say you should change your passwords every three months, too. Not a bad idea – the inconvenience could be frustrating, but the safety is priceless.