1234 is not a strong password, iPhone users: But it's the top choice, new data reveals.

Ed Hansberry, Contributor

June 13, 2011

2 Min Read

It is a good idea to set a PIN code to lock your phone in the event it is lost or stolen. The thief still has your phone, but if you've configured the iPhone properly, the memory will be wiped clean after 10 wrong attempts. Since a four-digit code allows for 10,000 combinations, finding that in ten tries yields only a 0.1% chance of success. Those sound like pretty good odds until you realize that 14.4% of pass codes are clustered around just 10 PIN code combinations.

Daniel Amitay has an app called Big Brother Camera Security that takes a picture of anyone using your iPhone 4, thanks to the front-mounted camera, without your permission. He recently updated the app to phone home with the PIN codes its users had chosen. He says it records the data anonymously. There is a nice little irony that the software installed to spy on unauthorized users is also spying on these who installed the software.

He collected 204,508 pin codes and has them graphically represented at his site. "1234" was the most common code used and chosen by 4.3% of users. The next biggest was "0000" picked by 2.6%. If you using one of those two, you aren't even trying. You might as well put the home's front door deadbolt lock on backwards so the handle is on the outside.

The top 4 codes represented 10.8% together, so any thief with an ounce of sense will try those before moving on to harder to guess numbers. He is likely to unlock one in 10 phones with those odds.

The tenth most common code is "1998" which is probably the year some of these 12 or 13 year old iPhone 4 toting pre-teens were born. Years in general are a bad idea, unless it is a Stardate, which would be harder to guess. Years in the 1990's were over twice as likely to be used as those in the 1980's, so if the thief knows you or can make an educated guess about your age as they pilfer the phone from your bag, they have a significantly higher chance of gaining access to your data if you use your birth year.

If you are using any of the codes Daniel discovered, your birth year, the year you purchased the phone, or this year, change it immediately. Select an entirely random number and then proceed to do the same thing with any other system that has a PIN code, such as your ATM card, alarm system or keyless entry for your car.

To be really secure, you should consider turning off the simple four digit PIN code and use a real password. The possible combinations go from 10,000 to billions.

About the Author(s)

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights