Is Your PIN In This List Of The Most Common Numeric Passwords?

Tech consultancy company DataGenetics has analysed the popularity of numeric passwords. What they found confirms previous research that most of our four-digit PINs are way too predictable. Check if yours is one of those mentioned in the report.

The data analysed came from exposed password databases. Data Consultancy filtered the results to just those that were exactly four digits long [0-9] and found nearly 3.4 million four-digit passwords. These are used as a proxy for users' four-digit PIN codes. There are 10,000 possible combinations of digits from 0000 through 9999, and each of those were represented in the dataset.

So out of the 10,000 possible combinations for four-digit codes, which is the most popular? You guessed it: 1234. An alarming 11 per cent of the 3.4 million passwords are 1234.

The top 20 passwords account for nearly 27 per cent of the total.

Looking at the list at right, you'll see that the numbers are all familiar, easily predictable patterns, such as 0000, 4321 and 1010. If you're using the keypad to make a PIN pattern, such as 2580 going straight down, chances are hackers can guess that quickly too. Other high-frequency PINs are years and dates.

Expanding the analysis to all-numeric passwords (not just four-digit ones), guess which are the most popular? Yup, 12345 for five digits, 123456 for six digits and so on. (Ranked at #17 for the 10-digit password is 3141592654 — the first digits of Pi, so that's at least a little more imaginative).

What about the least popular PINs? At the bottom at #10,000 is 8068 — but that's not a great idea for your new PIN now that it's been exposed. The 20 least popular PINs don't appear to have any predictability.

The moral of the story, as with every password topic, is that we're pretty bad at choosing truly random passwords and PINs. In the case of your credit or debit card PIN, having one that's too common would obviously be an issue if a thief steals or finds your wallet, but ATM card skimming also means thieves don't need your physical card to get into your bank account.

If your PIN number is too predictable or popular, see our article on PIN security and how to come up with four new numbers that are more secure.

PIN Analysis [DataGenetics]


    I've never actually chosen a PIN, the bank always chooses one for me (presumably randomly) and sends it to me in the mail. Isn't that how it usually works?

      Yes but you can then change it to something you want.

    Max, you can change it to something more memorable if you want.

    "If your PIN number "
    PIN = Personal identification number

    What you pretty much just said
    Personal identification number number

      One of my pet peeves. ATM Machine, PIN Number, LCD Display, 6am in the morning. *shudder*

        Doesn't the AM stand for After Midnight, so 6AM in the Morning is actually correct. Unlike PIN Number, ATM Machine, LCD Display or VIN Number.

          AM means Ante Meridiem (Before Midday), PM is Post Meridiem (After Midday) so saying 6am in the morning is not correct, there is only 1 6am, it's not like there is 6am in the evening, so there is no need to say "in the morning"

          AM actually stands for ante-meridiem with meridiem being Latin for the middle of the day. Same with PM - post-meridiem.

          AM actually stands for Anti Meridiem - Latin for Before Midday...

            Haha... Looks like we all jumped on that ones at the same time...

              Yeah. Shortly after 12PM in the afternoon.

        I had never noticed. You have now created a new pet peeve for me

        "Safe haven" - haven is by definition safe. The "safe" is totally redundant.

      Good ol' RTS Syndrome. My favourite variant is the translation equivalent:

      The Los Angeles Angels, when translated to English = The The Angels Angels


    No 1337 in the top 10??

      I thought I was clever using that..

    I thought I was the only one to use the tenth code on the list 6969. Its just that for some reason from early highschool I love this number.

    Ah... from a time when four digits seemed secure. Isn't it wonderful how it sticks?

    Why are PIN's (not PIN Numbers) limited to only 4 digits, when will they be upgraded to 6 or more?

    I have kept my supplied ATM number as it is different and remember numbers quite well, and use multiple other 4 digit pass codes, rarely the same. I do use these PIN's at the end of my passwords to make them easier to remember and my passwords harder to crack!

      Who said that they are limited to 4 digits? My PIN is 10 digits long.

    Great, now watch millions of idiots google their own pin numbers to see how popular they are! Thus tying their online personae with their 'security' check

    I was expecting a full list (of the order, not the numbers obviously)

Join the discussion!

Trending Stories Right Now