Home Australia Revealed: The most and least common four-digit PIN numbers. So, is yours on the list?

Revealed: The most and least common four-digit PIN numbers. So, is yours on the list?

0 comments
This incredible graph shows the most common PINs of 3.4 million leaked passwords. PINs are plotted based on their first two and last two digits, and the squares are brighter the more frequently they appear.

With thousands of people falling victim to scams and cyber attacks every year, you would think that people would be a little more careful with their passwords and PIN numbers.

However, an analysis of leaked databases from The information is beautiful shows that people still use common PIN numbers to protect their vital information.

Surprisingly, ‘1234’ remains the most common PIN, accounting for nearly 11 percent of those analyzed.

It is followed by ‘1111’, ‘0000’, ‘1212’ and ‘7777’.

Jake Moore, global cybersecurity advisor at ESET, told MailOnline: “By using simple or easy-to-guess passcodes, attackers can target people more easily.”

This incredible graph shows the most common PINs of 3.4 million leaked passwords. PINs are plotted based on their first two and last two digits, and the squares are brighter the more frequently they appear.

The most common PIN numbers

  1. 1234
  2. 1111
  3. 0000
  4. 1212
  5. 7777
  6. 1004
  7. 2000
  8. 4444
  9. 2222
  10. 6969

These dates, originally compiled by the late Nick Berrycollects all four-digit PINs that have been revealed by data breaches.

Of the 3.4 million PINs analyzed, the vast majority use simple sequences or repetitive patterns.

Despite being incredibly easy to guess, ‘1234’ is still so popular that it appears more frequently than the 4200 less common PINs combined.

The second most used password is ‘1111’, which represents six percent of all data PINs.

This is followed by ‘0000’ and ‘1212’, each accounting for about two percent of all passwords.

When the PINs in this data are plotted based on their first two and last two digits, some really interesting patterns emerge.

Most obvious is a bright diagonal stripe running from the bottom left to the top right, formed when people use pairs of digits like ‘0000’, ‘2323’ or ‘5656’.

Looking at the graph, you can also see a clear line running horizontally about a quarter of the way up and representing codes starting with ’19’, probably created by people using their birth years.

This graphic clearly shows a diagonal PIN line with repeating numbers like '1010'. In black and white you can also see a faint grid-like pattern which may be because people preferentially choose numbers that are close together.

This graphic clearly shows a diagonal PIN line with repeating numbers like ‘1010’. In black and white you can also see a faint grid-like pattern which may be because people preferentially choose numbers that are close together.

The least common PIN numbers

  1. 8557
  2. 8438
  3. 9539
  4. 7063
  5. 6827
  6. 0859
  7. 6793
  8. 0738
  9. 6835
  10. 8093

You can clearly see how the line becomes much brighter from around ‘1960’ onwards as more people alive are born after this date.

When converting the graph to black and white, you can also see a faint ‘grid’ pattern caused by people using numbers that are numerically close together.

This also reveals an L-shaped region in the lower left corner which is probably due to people using their birthdays in MMDD or DDMM format.

If you look closely, you can see that the region does not extend beyond 12 or 31, corresponding to the months of the year and the days of the month.

With 10,000 possible combinations for a four-digit PIN, it should be pretty difficult for anyone to guess your PIN.

However, as Moore points out, poor cybersecurity habits make things much easier for hackers.

Mr Moore said: ‘People are still using commonly used PIN codes or those related to them and easily accessible, such as dates of birth.

“Partly because our memories have a certain captivity, but also because they may have been using the same codes for many years when cyber consciousness was not as well documented.”

With just 61 guesses, a hacker could crack a third of all passcodes, while with just 426 someone could guess half of all PINs in the data set.

If you use your date of birth or other memorable data as a PIN, experts warn you make it much easier for criminals (file photo)

If you use your date of birth or other memorable data as a PIN, experts warn you make it much easier for criminals (file photo)

Even if there is a limit on attempts, hackers could gain access to 20 percent of people’s accounts in just five attempts.

This makes it very dangerous to use repeated patterns or birthday dates as PINs, as they can be easily guessed if your card or card information falls into the wrong hands.

This same problem applies to passwords for online services like social media accounts, as people still use common words or strings of numbers.

According to research from NordPass, a password manager, 70 percent of passwords can be cracked in less than a second.

Tomas Smalakys, CTO of NordPass, told MailOnline: ‘To make matters worse, almost a third (31 percent) of the world’s most popular passwords consist of purely numerical sequences.

“These passwords can be hacked almost instantly, as hackers use automated systems instead of typing them.”

Most common passwords in 2024

  1. 123456
  2. 123456789
  3. administration
  4. QWERTY
  5. welcome
  6. Password
  7. Password1
  8. p@ssw0rd
  9. 12345
  10. qwerty123

Once your account has been compromised, hackers can steal your data directly or use your information to launch targeted attacks on other people.

“For example, seemingly minor details such as full name or date of birth can be used to craft more sophisticated and personalized phishing attacks,” says Smalakys.

To stay safe online, cybersecurity experts recommend using longer, more complicated passwords made up of random letters and numbers.

The problem is that these passwords can often be as difficult for hackers to remember as they are to guess.

For this reason, it is recommended to use a secure and reliable password manager to store your passwords.

Moore says, “People put themselves at risk by having weak passwords and PIN codes and often don’t fully understand the threat until they are compromised.”

“Password managers offer all the security for when such information cannot always be remembered, and they can also help generate completely random codes so that you do not depend on your birthday or anniversary.”

HOW TO CHECK IF YOUR EMAIL ADDRESS IS COMPROMISED

They have cheated me?

Tory Hunt, cybersecurity expert and regional director at Microsoft, leads ‘They have cheated me?’.

The website allows you to check if your email has been compromised as part of any of the data breaches that have occurred.

If your email address appears, you must change your password.

Passwords entered

To check if your password may have been exposed in a previous data breach, go to the site’s home page and enter your email address.

The search tool will match it to the details of the historical data breaches that made this information publicly viewable.

If your password appears, you are likely at increased risk of being exposed to hacking attacks, fraud, and other cybercrime.

Hunt created the site to help people check whether or not the password they would like to use was on a list of known breached passwords.

The site does not store your password with any personally identifiable information and each password is encrypted.

Other safety tips

Hunt provides three easy-to-follow steps for better online security. First, he recommends using a password manager, like 1Password, to create and save unique passwords for each service you use.

Next, enable two-factor authentication. Lastly, stay aware of any non-compliance.

You may also like