Most Common 4-Digit Pin Numbers

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] this is Twi this is just a great chart uh this is from the the information is beautiful uh project which you know demonstrates that if you uh graph things in creative ways you can learn a lot and this is a perfect example of that 3.4 million 4digit pins which were obtained from multiple data breaches were aggregated um now you know this is a wonderfully enlightening graphic chart that I want to share unfortunately the terms graphic chart and listeners are at odds so you know you're gonna have to describe it Steve yeah I'm going to note that this delightful chart is at the top of this week's show notes yeah tweeted it and I I gave it a permanent GRC shortcut of pin p n so anybody can see it at any time from at grc.com from and disclosed by multiple data breaches um now of course a four-digit pin can have any value between 000000 and 9999 so there are 10,000 possible pins and this wonderful chart contains 10,000 little itty bitty squares arranged in a flat two-dimensional map so it's got rows you know it's got 100 rows and 100 columns and of course 100 * 100 is 10,000 so one way to think of this is that the first two digits of the pin which you know 0 0 through 99 specify one axis and the last pair of digits specify the other so every single possible four-digit pin has its own Square on this chart and within this 3.4 million pin data set the relative number of times every single possible pin appears in the data set determines the brightness of its Square on the chart okay so what do we learn from this okay possibly the most prominent feature is a bright diagonal line running from the lower left corner of the chart where both of the first two and the last two digits are zero 0 0 to the chart's upper right corner where the first two and the last two digits are both 99 the diagonal line then is formed by all of the intermediate squares where their first two and last two digits are identical you know and naturally like z0 in the far lower left that's bright because a lot of people just chose 00000000 as their pin and similar L the very far upper right corner also very bright because 9999 is you know many people's pins so there is you know some variation in the brightness along the diagonal which is interesting you know and of course human nature being what it is the PIN 6969 appears to be over represented relative to its neighbors no surprise two other solitary bright spots would also not surprise anyone they are the locations of the 1 two 3 4 and 4321 pins not very creative and thus bright on the map another really interesting prominent line is the 20th line from the up from the bottom since lines are numbered from zero the 20th line is the line for all pins beginning with 19 and what's so interesting is that the line gets gradually brighter as it moves to the right then dims a bit toward the end and wraps around a bit to the 20 to the the 20 line on the left so what's going on here well if you guessed people's birth year you would be correct pins often begin it turns out with 19 and they appear to be brightest or somewhere around 1980 seems to be the the place where it it's most uh you know most people have their pins clustered there lot of lot of 40y olds exactly that's S I would have thought it the Baby Boomers it would be the brightest but maybe not yeah it's kind of feeding out for us Leo on the other hand then so are we yes um yeah another notable feature is a generally brighter region down at the lower left of the chart this would be where both the first two and the last two digits form low numbers okay why because people used their month and day of birth within the month running from 1 to 12 of course for the month and then day of month 1 through 31 there's and and what's interesting there's a brighter horizontal stopping at 12 than the vertical stopping at 12 both which however are clear this indicates that most people chose the ordering with the month first and the and the day of month second as their pin now stepping way back from it and looking at the overall illumination there's a there's a top to bottom brightness variation um with it being brighter at the top and and and dimmer toward the bottom suggesting that most pins have low starting numbers but there's less left to right variation so people are generally choosing four-digit pins with as I said smaller first two digits but for some reason more randomly distributed last two digits and the final really interesting observation is that whereas most to the Chart shows varying shades of Illumination there are around 40 distinct cells that are black or nearly black like I mean dramatic contrast against their neighbors in other words out of all 10,000 possible 4digit pins there are around 40 of those that are significantly under represented isn't that weird isn't that is so odd yeah some reason kind of randomly distributed but maybe not yeah well it's well Mo most of them have high all of them are yeah almost all of them are in the upper third of the chart so their first two digits are are larger um for some reason for example very few people have chosen 6806 so if you're looking for a lesser chosen four digigit pin there you go in there that's right or 68 whatever this one is you know it's interesting there are three dots on the 68 line yeah and in fact that first one on the 68 line was a 6806 that I just chose to highlight but you're right that that and there looks like there's also three on the 60 or on the 70 Line yeah huh I mean it's really nonrandom in in that in that area Okay so and as for the extremely low entropy skewing observed in the data set again low entropy skewing get this just the top 20 the top 20 most used pins out of remember the 10,000 that are possible right just the top 20 account for 27% of all pins observed in use that's terrible those top 20 are 1 two 3 40000 77772 2222 9999 55551 12 11122 8888 200011 11111 1212 1 04 4444 6969 3333 6666 1313 4321 and one10 if any of those sound like your pins you're in trouble yeah just very very cool it means you can guess you know 10 or 20 and have a one and four chance of being right right um if if if for example something prevented you from brute forcing all 10,000 you would absolutely want to go for those 20 as your first as your first 20 guesses you it also means you should use more than four digits in your PIN right yeah though yeah though I I so I think we're still at at four-digit pins purely for historical reasons it's just you know it's because that's you know once upon a time we didn't have computers and people had to actually remember them and I'm sure a lot of people used you know their month and day of birth or the last four digits of their social security number or you know digits from their license plate or you know something the point being four digits that was all they could actually remember we didn't have technology to say oh yeah you know here here's a string of 20 digits you know repeat after me pick something you know what I always do is I pick the last four digits of a phone number not my current phone number but maybe my childhood phone number or phone number I particularly recom re remember cuz those are mostly pretty random they certainly don't have anything to do with my birth date uh I don't know it's or just pick something random you can remember four digits or better yet use an alpha numeric password not a pin yeah well and of course back one Once Upon a Time oh no I I was going to say once upon a time we were keying them into our Touch Tone phones in order to authenticate ourselves right but even then you know unless you used Q I think was it was Q missing I think Q was missing there was missing that's right there were a couple things that were not there you these are mostly still used is on ATM machines I don't know of any ATM machine that uses more than four digits yeah right so again because there's some backend some old creaky back end machine that could only take four digits anyway this was a huge win for our audience who got a big kick out of it so again if you want to see what we were talking about grc.com so I grabbed it and stuck it on GRC server just because it's just such a cool infographic hey it's Leo leaport I hope you've enjoyed this little snippet from security now if you want the whole show you can get at our website twit.tv SN of course you can subscribe to security now and your favorite podcast or just click one of the links below [Applause] [Music]

Info

Channel: TWiT Tech Podcast Network

Views: 208,832

Rating: undefined out of 5

Keywords: steve gibson, leo laporte, twit, security now, data, dataisbeautiful, reddit, 4 digit pins, common 4 digit pins, security, security breaches, infographic, pin codesa

Id: Qj85v2ca89E

Channel Id: undefined

Length: 13min 1sec (781 seconds)

Published: Wed May 15 2024