or why it is not a good idea to use your birthday as your pin
My pin is 4580 so I am good!
this post was submitted on 26 May 2024
279 points (98.3% liked)
Cybersecurity
7230 readers
26 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
founded 2 years ago
MODERATORS
Mine is the price of a cheese pizza and large soda at Panucci's
Holy shit we have the same bank pin!
Hold up, mine too! I wonder if there's a connection with the card number and expiration date. Here'a mine, enter yours so we can all compare:
- 5894325796533678
- 11/25
Make sure to include the ccv code.
Oops: 420
Thanks doe the pizza man
I have the same combination on my luggage!
Why is it all I see is ****?
6969 looks like a popular choice. Nice.
Looks like 4200 is fairly popular too. Blaze it!
0420 seems to be popular also.
So the black pixels are pins that nobody uses? 🤔
We don't speak of those PINs here.
It bothers me that if the pin resembles a date, even if it is not the reason for it, it is less secure. Life is not fair, lol.
It bothers me that the arrow on the y-axis is pointing the wrong way
Can someone create a list of the most secure 4-digit PINs?
Umm... wouldn't that... you know... invalidate it?
It’s hard to look at but any of the ones that are black squares in the picture would be the least used ones. It looks like that’s most any that starts in the 7000+ range.
Edit: 6806 for example.
Thanks for the thoughtful answer, but my question was actually meant as a joke.
4 digit pins are not secure. As long as you avoid all the light colored dots on the chart, that's the most secure you can make it.
If a system allows brute forcing without a pause, delay, cool down, or lockout, and a 4 digit pin is the only thing preventing access, they will get in.
Source of the heat Map seems to be this blog post: http://datagenetics.com/blog/september32012/index.html
And here is a higher quality image of the heat map above: https://infobeautiful4.s3.amazonaws.com/2021/03/IIB-Pin-Numbers-1276@2x-1.png
When will we finally move past 4 digit codes for anything important?
Pin codes are great for quick access if you have a lockout mechanism after 3 failed attempts and it is impossible for an attacker to get the hashed code. It is only secure if you pick a pin that cannot be guessed in 3 attempts like your birthdate but that applies to any password.
Thats why they are used for credit cards, SIM cards or Bitlocker drive encryption. The hashed code never leaves the secure hardware so you cannot circumvent the lockout.
Even a 16digit numeric code, which I guess is the upper limit of what you can remember and quickly input, would take just a couple of days to brute force if the attacker does get hold of the hash.
What's with 7942 being lit up like the North Star?
There are a couple other curious ones like that, too.
Are you sure that's not 7931 you're looking at?
7931 are the four corners, so it'd be an easy pattern.
Yes the bright one I mean is very easily at or around 40. 31 is rather far away.
Maybe they're big fans of the Lego Off-road Fire Rescue set?
What's with 7942 being lit up like the North Star?
Only thing I can think of is that The Hitchhiker's Guide to the Galaxy was published in 1979.
That actually might be it. And it fits the theme of 42 well.
Anecdotal but I've heard that when banks auto generate PINs for debit cards they filter out some suspicious ones like 0000 or 1234 because it only leads to customers complaining and wanting to change them (more work for the bank). Nowadays the customer can usually change them themselves, so it might be less true.
When I got my credit card (and credit account) set up, they had me set a pin then and there. But that might be because I had to create the account in person?
Maybe they can, but it may not be free.
Up until a few months ago my bank used to charge €5 for PIN change at the ATM (unpaid accounts only).
Star Trek fans are visible at 1707
1701
I must be more asleep than I thought.
My PIN is the date I bought my first smartphone but the numbers are rearranged.
I'm proud that 1996 seems to be one of the years least used, but damn is it sad anyways how used it is.