- Common PINs and passwords pose cybersecurity risks
- Data analysis reveals prevalent patterns in PIN usage
- Password managers are recommended for enhanced security
Thousands of individuals fall victim to cyberattacks and hoaxes annually, so one might expect them to be more vigilant about their PINs and passwords.
Nevertheless, Information is Beautiful’s examination of compromised databases reveals that individuals continue to employ standard PINs to safeguard critical data.
Remarkably, ‘1234’ remains the prevailing PIN, comprising nearly 11 percent of the ones examined.
The subsequent digits are ‘7777’, ‘1111’, ‘0000’, and ‘1212’.
According to Jake Moore, a global cybersecurity advisor at ESET, attackers can target individuals by using basic or easy-to-guess passcodes (MailOnline).
This compilation, initially curated by the late Nick Berry, encompasses every four-digit PIN compromised by data intrusions.
The vast majority of the 3.4 million PINs that were examined consist of primary sequences or recurring patterns.
Although ‘1234’ is exceedingly simple to deduce, its prevalence remains such that it is utilized more frequently than the combined frequency of the 4,200 least-common PINs.
‘1111’ is the second most frequently used password, comprising 6% of all PINs in the data.
Subsequently, the digits ‘1212’ and ‘0000’ comprise approximately two percent of the total passwords.
Upon plotting the PINs based on their initial and final two numerals, several remarkably intriguing patterns become apparent.
A vibrant diagonal stripe extending from the bottom left to the top right is most conspicuous when individuals input pairs of digits such as ‘0000’, ‘2323’, or ‘5656’.
An additional discernible line traversing the graph at a quarter of the way up signifies codes commencing with the numeral ’19’; these codes were presumably generated by individuals invoking their birth years.
The line became considerably brighter after 1960, as more living individuals were born after that year.
Moreover, by converting the graph to black and white, one can discern a subtle ‘grid’ pattern resulting from the use of numerically close-by numbers.
An L-shaped region is also observed in the lower left quadrant, potentially attributable to individuals entering their birthdays in MMDD or DDMM format.
Upon closer inspection, it becomes evident that the region does not expand beyond 12 or 31, corresponding to the number of days each month and the months in the year.
Given the 10,000 possible combinations for a four-digit PIN, guessing your PIN should prove to be exceedingly challenging.
Mr. Moore notes, nevertheless, that poor cybersecurity practices greatly facilitate the work of hackers.
Mr. Moore asserts, “People continue to use PIN codes that are easily accessible and related to themselves, such as dates of birth.”
In addition to the fact that our recollections are limited in scope, they might have employed the same codes for an extended period of time during a period when cyber awareness was not as thoroughly documented.
An adversary could decipher one-third of all passcodes with 61 guesses and half of all PINs in the dataset with 426 trials.
Notwithstanding the implementation of an attempt limit, malicious actors could potentially infiltrate 20% of users’ accounts within five attempts.
Repetitive patterns or birthdays as PINs are therefore hazardous, as they are easily surmised if your card or card information falls into unauthorized hands.
Passwords for online services, such as social media accounts, continue to be composed of common words or numerical sequences, which presents the same challenge.
Research conducted by the password manager NordPass indicates that 70% of passwords are susceptible to cracking in less than one second.
NordPass CTO Tomas Smalakys told MailOnline, “To make matters worse, 31% of the most popular passwords in the world are composed solely of numerical sequences.
Hackers can almost immediately compromise such passwords because they utilize automated systems instead of manually entering them.
After compromising your account, hackers may either steal your data directly or use it to initiate targeted attacks against other users.
Mr. Smalakys explains, “For instance, seemingly inconsequential information like your complete name or birthday can be exploited to create more sophisticated and individualized phishing attacks.”
“Take a step towards financial freedom – claim your free Webull shares now!”
Cybersecurity professionals advise employing longer and more intricate passwords comprising arbitrary letters and numbers to ensure online safety.
One concern is that these passwords frequently present equal challenges for hackers to deduce and recall.
Utilizing a secure and reputable password manager to safeguard your credentials is advisable.
“People put themselves at risk using weak passwords and PIN codes,” says Mr. Moore. “Frequently, they do not fully comprehend the threat until they have been compromised.”
In addition to providing security when such information is difficult to recall, password managers can generate entirely random codes, eliminating the need to rely on dates such as birthdays or anniversaries.