Forget the Song of the Summer. Years from now we will remember 2013 as the Summer of Snowden — and when we learned that the NSA knows more about us than they cared to share.
There’s not too much the average person can do to protect themselves from a prying government storing their cell phone metadata. But if your ATM or online PIN is something obvious like 1234 or 1111, there are some simple things you can do to protect your online identity.
Nick Berry, president of DataGenetics and a Data Scientist at Facebook, blogged an eye-opening article about the most popular PIN numbers based on data that had been previously hacked and published. The purpose wasn’t to get into your bank account, but to find out how many of us use all-too-obvious PIN numbers to protect our online identity.
If you use the PIN numbers 1234, 1111 or 0000 you are practically begging to get hacked. Seriously, you are. These three numbers make up about 20% of all PIN numbers — and you can bet that any data thief worth their stolen salt will try those numbers first. If this is one of your lucky numbers, well, it’s not so lucky.
Berry drills down this analysis a little bit further:
- The next most popular 4-digit PIN in use is 1111 with over 6% of passwords being this.
- In third place is 0000 with almost 2%.
- A table of the top 20 found passwords is shown at the right. A staggering 26.83% of all passwords could be guessed by attempting these 20 combinations!
(Statistically, with 10,000 possible combinations, if passwords were uniformly randomly distributed, we would expect these twenty passwords to account for just 0.2% of the total, not the 26.83% encountered.)
Looking more closely at the top few records, all the usual suspects are present 1111 2222 3333 … 9999 as well as 1212 and (snigger) 6969 .
It’s not a surprise to see patterns like 1122 and 1313 occurring high up in the list, nor 4321 or 1010 .
2001 makes an appearance at #19. 1984 follows not far behind in position #26, and James Bond fans may be interested to know 0007 is found between the two of them in position #23 (another variant 0070 follows not much further behind at #28).
There are some common sense tips in the article: stay away from birth years and combinations that look like Year/Month aggregations. Yeah, it’s the kind of stuff that data geeks drool over. But it’s worth a quick read — if only to help you sleep a little better at night.
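The patterns quoted above translate directly into a check a service can run when a user chooses a PIN. The Python below is an added example, not code from Berry's article; the rule names, the 1900 to 2099 year range and the function names are assumptions, and the Year/Month pattern is left out because the article does not spell out its format.

```python
# Added example: enrollment-time PIN check built from the patterns the article names.
# Rule names and the 1900-2099 year range are assumptions, not Berry's method.

# PINs quoted in the article that no structural rule below catches.
NAMED_IN_ARTICLE = {"0007", "0070"}


def weak_pin_reasons(pin: str) -> list[str]:
    """Return the reasons a 4-digit PIN is weak; an empty list means no rule matched."""
    if len(pin) != 4 or not (pin.isascii() and pin.isdigit()):
        raise ValueError("PIN must be exactly four ASCII digits")
    d = [int(c) for c in pin]
    reasons = []
    if len(set(d)) == 1:
        reasons.append("repeated digit")      # 1111, 0000, 9999
    elif pin[:2] == pin[2:]:
        reasons.append("repeated pair")       # 1212, 1313, 6969, 1010
    elif d[0] == d[1] and d[2] == d[3]:
        reasons.append("doubled digits")      # 1122
    steps = {b - a for a, b in zip(d, d[1:])}
    if steps == {1} or steps == {-1}:
        reasons.append("sequence")            # 1234, 4321
    if 1900 <= int(pin) <= 2099:
        reasons.append("looks like a year")   # 1984, 2001
    if pin in NAMED_IN_ARTICLE:
        reasons.append("named in article")
    return reasons


def rejected_fraction() -> float:
    """Share of the 10,000 possible PINs that this policy would refuse."""
    all_pins = (f"{n:04d}" for n in range(10_000))
    return sum(1 for p in all_pins if weak_pin_reasons(p)) / 10_000


if __name__ == "__main__":
    # Constructed sample inputs: PINs quoted in the article plus one arbitrary value.
    for sample in ["1234", "1111", "6969", "1122", "1984", "0007", "8305"]:
        print(sample, weak_pin_reasons(sample) or "no rule matched")
    print(f"policy rejects {rejected_fraction():.2%} of the PIN space")
```

Under these rules the policy refuses 404 of the 10,000 possible PINs, so blocking the obvious choices costs very little of the usable space.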
It’s not just PINs but passwords, too. “People are staggeringly unimaginative in selecting passwords,” said Berry in a TEDx Talk in Seattle. Coupled with the fact that people tend to reuse the same PW over and over across Websites, you only need to have one weak link in your online chain to become an identity theft statistic. “Using just 100 words, you can predict over 9% of all passwords,” he says. To learn (and laugh, a bit; he’s pretty funny) about passwords, PINs and privacy, see Nick Berry’s TED Talk video on YouTube.