PhoneArena is looking for new authors! To view all available positions, click here.

Phone Links

more » more »
  • Home
  • News
  • Use only 3 unique digits in a 4-digit PIN for more security

Use only 3 unique digits in a 4-digit PIN for more security

Posted: , by Charlene S.

Share:

Discuss 8
Use only 3 unique digits in a 4-digit PIN for more security
Many people claim that eyes are the window to the soul, but we’d be willing to bet that you can find out a lot more about a person by accessing their smartphone. That is precisely why more and more people are using access codes to lock their devices from prying hands. When it comes to setting a code, what is the best way to go about it? Interestingly enough, in this case, less is more.

Security expert, Karl Sigler, presents an interesting look into what a potential attacker sees and how math is on their side when a user uses 4 unique digits. In his article, Sigler points out that the residue from our fingers often leaves visible traces on the glass that narrows down the digits used in the PIN.

Use only 3 unique digits in a 4-digit PIN for more security
Here is where our old friend math comes into play. If there are exactly 4 digits in a PIN and you have access to all 4 of them, there are only 24 possible combinations. That combined with the knowledge that most people use a visual pattern or a significant number, such as a date, it becomes quite easy to crack a PIN.

When changing that PIN to repeat one number, so for example let’s say the smudge marks on the phone are over 6, 8, and 9, the attacker now needs to determine which number is the one that repeats. This small change now makes the number of possible PINs rise to 36, which is a 50% improvement in security of a unique 4-digit PIN.

While this won’t protect you in a case of theft, it may buy you some time in a case when a nosey coworker, friend, or family member attempts to brute force into your phone while you step away for a few minutes.

source: Skeleton Key Security via Geek

Share:

Discuss8

8 Comments

  • Options
    Close




Want to comment? Please login or register.

1. m.garz posted on 02 Jan 2012, 14:30 1 11

first! :D

Reply

3. The_Miz posted on 02 Jan 2012, 15:02 6 3

How dare you. Only I get to say First! + comment.

Reply

2. brenner182 posted on 02 Jan 2012, 14:43 3 2

^ yep. biggest d**k ever now that you got first.

Reply

4. ardent1 posted on 02 Jan 2012, 15:35 3

24 combinations is due to 4 choices for the first number, 3 choices for the second, 2 choices for the third number and one choice for the last number or 4*3*2*1 = 24.

Okay, I read the solution online since order matters. The correct answer is 12 if you don't assume symmetry and 36 if you assume symmetry.

Reply

5. ardent1 posted on 02 Jan 2012, 15:58 2

Okay, since the order of the numbers matter, it's a permutation problem and not combinations. I read the solution online and the answer is 12 if you reject the symmetry argument or 36 if you accept the symmetry argument.

The symmetry assumption is that ALL THREE inputs leave the same marks. However, if you leave a BIGGER spot for the duplicate digit, your password is 50% weaker than a non-repeat 4 digit code.

Reply

6. thelegend6657 posted on 02 Jan 2012, 18:19 3

I hate Maths

Reply

7. Synack posted on 03 Jan 2012, 09:04

what if you only use 2 numbers???

Reply

8. Paden posted on 03 Jan 2012, 19:29

Good thinking. Also, setting it to delete after 10 attempts helps too!

Reply

Want to comment? Please login or register.

Hot Phones

  • Samsung Galaxy S4Samsung Galaxy S4
  • Apple iPhone 5Apple iPhone 5
  • Samsung GALAXY Note IISamsung GALAXY Note II
  • HTC OneHTC One
  • Sony Xperia ZSony Xperia Z
  • Google Nexus 4Google Nexus 4
  • LG Optimus GLG Optimus G
  • Nokia Lumia 920Nokia Lumia 920