Why Your PIN Shouldn't Be Your Birthday or a Year in the Late 1900s

The Citizen's Guide to the Future
Sept. 19 2012 3:20 PM

The World's Least-Popular Four-Digit PIN: 8068

Most popular PIN codes
Research suggests thieves can guess one in five PINs by trying just three combinations.

Photo by Justin Sullivan/Getty Images

How easy would it be for a thief to guess your four-digit PIN? If he were forced to guess randomly, his odds of getting the correct number would be one in 10,000—or, if he has three tries, one in 3,333. But if you were careless enough to choose your birth date, a year in the 1900s, or an obvious numerical sequence, his chances go up. Way up.

Will Oremus Will Oremus

Will Oremus is Slate's senior technology writer.

Researchers at the data analysis firm Data Genetics have found that the three most popular combinations—"1234," "1111," and "0000"—account for close to 20 percent of all four-digit passwords. Meanwhile, every four-digit combination that starts with "19" ranks above the 80th percentile in popularity, with those in the late—er, upper—1900s coming in the highest. Also quite common are MM/DD combinations—those in which the first two digits are between "01" and "12" and the last two are between "01" and "31." So choosing your birthday, your birth year, or a number that might be a lot of other people's birthday or birth year makes your password significantly easier to guess.


On the other end of the scale, the least popular combination—8068—appears less than 0.001 percent of the time. (Although, as Data Genetics acknowledges, you probably shouldn't go out and choose "8068" now that this is public information.) Rounding out the bottom five are "8093," "9629," "6835," and "7637," which all nearly as rare.

Data Genetics came up with the numbers by analyzing a database of 3.4 million stolen passwords that have been made public over the years. Most of these are passwords for websites. But by looking specifically at those that comprise exactly four characters, all of which are numerals, the researchers figured they could get a decent proxy for ATM PINs as well.

One would hope, of course, that fewer people choose "1234" to protect their checking accounts than to log in to random websites. But Data Genetics found some circumstantial evidence to support its hypothesis that there are some strong correlations between the two. For instance, the combination "2580" was the 22nd-most popular in their data set. Why so high? Probably because those four numbers appear in a single column from top to bottom on a phone or ATM keypad. On most computer keyboards, they do not.

Some other interesting anedcotes from the data:

  • Half of all passwords are among the 426 most popular (out of 10,000 total).
  • People prefer even numbers to odd, so "2468" ranks higher than "1357."
  • Far more passwords start with "1" than any other number. In a distant second and third are "0" and "2."
  • Among seven-digit passwords, the fourth-most popular is "8675309," which should ring familiar to fans of '80s music.
  • The 17th-most popular 10-digit password is "3141592654."
  • Two-digit sequences with large numerical gaps, such as "29" and "37," are found often among the least popular passwords.

For those who get a kick out of these sorts of things, Data Genetics' blog post is worth perusing in full. Just keep in mind that guessing isn't the only way thieves can swipe your PIN or password. So "8068" alone—or whatever the equivalent is now that people know about "8068"—won't protect you from ATM skimmers or hackers who breach the databases of sites that don't encrypt users' passwords.

Future Tense is a partnership of SlateNew America, and Arizona State University.



Crying Rape

False rape accusations exist, and they are a serious problem.

Scotland Is Just the Beginning. Expect More Political Earthquakes in Europe.

I Bought the Huge iPhone. I’m Already Thinking of Returning It.

The Music Industry Is Ignoring Some of the Best Black Women Singing R&B

How Will You Carry Around Your Huge New iPhone? Apple Pants!

Medical Examiner

The Most Terrifying Thing About Ebola 

The disease threatens humanity by preying on humanity.


The Other Huxtable Effect

Thirty years ago, The Cosby Show gave us one of TV’s great feminists.

Lifetime Didn’t Find the Steubenville Rape Case Dramatic Enough. So They Added a Little Self-Immolation.

No, New York Times, Shonda Rhimes Is Not an “Angry Black Woman” 

Brow Beat
Sept. 19 2014 1:39 PM Shonda Rhimes Is Not an “Angry Black Woman,” New York Times. Neither Are Her Characters.
Sept. 19 2014 1:11 PM An Up-Close Look at the U.S.–Mexico Border
  News & Politics
Sept. 19 2014 6:22 PM Blacks Don’t Have a Corporal Punishment Problem Americans do. But when blacks exhibit the same behaviors as others, it becomes part of a greater black pathology. 
Sept. 19 2014 6:35 PM Pabst Blue Ribbon is Being Sold to the Russians, Was So Over Anyway
Inside Higher Ed
Sept. 19 2014 1:34 PM Empty Seats, Fewer Donors? College football isn’t attracting the audience it used to.
  Double X
The XX Factor
Sept. 19 2014 4:58 PM Steubenville Gets the Lifetime Treatment (And a Cheerleader Erupts Into Flames)
  Slate Plus
Slate Picks
Sept. 19 2014 12:00 PM What Happened at Slate This Week? The Slatest editor tells us to read well-informed skepticism, media criticism, and more.
Brow Beat
Sept. 19 2014 4:48 PM You Should Be Listening to Sbtrkt
Future Tense
Sept. 19 2014 6:31 PM The One Big Problem With the Enormous New iPhone
  Health & Science
Medical Examiner
Sept. 19 2014 5:09 PM Did America Get Fat by Drinking Diet Soda?   A high-profile study points the finger at artificial sweeteners.
Sports Nut
Sept. 18 2014 11:42 AM Grandmaster Clash One of the most amazing feats in chess history just happened, and no one noticed.