Good ol' 1234 accounts for about 10 percent of passwords. That's more than the bottom 4,200 combinations put together.
Posted 09.20.2012 at 11:00 am
7 Comments
Pin Analysis
Data Genetics
We know people default to bad passwords, whether for their computers or banking PINs. But, we have to stress this here, people are really bad at picking passwords. This infographic visualizes that idea by taking all of the possible combinations and mapping them based on frequency of use.
A data set of 3.4 million pins was used. The first two digits are on the horizontal end; the second two on the vertical end. That perfectly diagonal yellow line streaking across it shows the frequency of 1111, 2222, etc. Data Genetics crunched the numbers (based on "released/exposed/discovered password tables and security breaches") used in the graphic, and came up with some fascinating finds:
- You can crack more than 10 percent of random PINs by dialing in 1234. Expanding a bit, 1234, 0000, and 1111, make up about 20 percent.
- 26.83 percent of passwords can be cracked using the top 20 combinations. That would be 0.2 percent of the passwords if they were randomly distributed.
- For the data set used, 8068 is the "safest" password, used just 25 times out of 3.4 million.
- Birthday years are big. The 1900 PINS--1986, 1960, 1991, and so on--are extremely popular, with PINs from later in the century used the most.
- A full 17.8 percent of PINs are couplets, such as 7878, 8181.
- 2580 seems random, but comes it at No. 22 most-used on the list. Why? Because it's straight down the middle row on a telephone keypad.
There are better ways to pick a password.
[Data Genetics via visual.ly]
7 Comments
To comment, please Login.
Popular Tags
Technology
|
|
|
|
|
|
June 2013: American Energy Independence
Five amazing, clean technologies that will set us free, in this month's energy-focused issue. Also: how to build a better bomb detector, the robotic toys that are raising your children, a human catapult, the world's smallest arcade, and much more.
Popular on Popsci
Most Commented
Technology
- Defense Distributed's Cody Wilson On Being Told To Remove 3-D Printed Gun Plans: "We Win"
- Thieves Stole $45 Million From ATMs Because The U.S. Uses Absurd 40-Year-Old Technology
- Autonomous X-47B Jet Fighter Makes Historic First Launch From An Aircraft Carrier
- 2013 Invention Awards: Family Flier
- A California State Senator Is Trying To Outlaw 3-D Printed Guns
- U.S. Navy Spends $37 Billion On A Ship That Barely Works
- Time-Lapse GIFs Show Earth Transforming Over 25 Years
- Russia Is Building Robots To 'Neutralize' Terrorists
- How To Turn An AK-47 Into A Soup Ladle
- America's Road To Energy Independence, Part 1
Most Emailed
Most Viewed
Technology
- How Toys Are Preparing Kids For A Future With Robotic Friends
- 3 Robots That Want To Save Your Life
- IBM's Watson Is Bringing "Cognitive Computing" to Customer Service
- Russia Is Building Robots To 'Neutralize' Terrorists
- NASA Invests In 3-D Food Printer For Mars Missions
- Oklahoma Students Design Drones That Can Fly Into Tornadoes
- Russia's 'Space Ark' Returns All Of Its Lizards And Half Its Mice Safely To Earth
- Google Maps Helps People Find Families They Lost Decades Ago
- Norwegian Geologists Begin Drone-Guided Quest For Oil
- Another Big Milestone For The X-47B: Its First Touch And Go Landing
Online Content Director: Suzanne LaBarre | Email
Senior Editor: Paul Adams | Email
Associate Editor: Dan Nosowitz | Email
Assistant Editor: Colin Lecher | Email
Assistant Editor: Rose Pastore | Email
Contributing Writers:
Rebecca Boyle | Email
Kelsey D. Atherton | Email
Francie Diep | Email
Shaunacy Ferro | Email
Today on PopSci.com
Copyright © 2012 Popular Science
A Bonnier Corporation Company. All rights reserved. Reproduction in whole or in part without permission is prohibited.
I believe the conclusions here are partially flawed. If the only passwords used are, "released/exposed/discovered password tables and security breaches", then it would be natural to assume that the weakest passwords are the ones being studied. So its hard to assume that you can break 20% of pins by just typing 1234 or 1111.
I really appreciate PoPSci posting this and educating those who continue to use weak passwords.
The point is, most passwords don't protect anything, and I'm surprised that this article didn't presume that. Many accounts shouldn't require passwords because they don't have value and no one is hacking into them. I use the same password for almost all of my accounts because they contain nothing of value to me. Only my bank accounts have "secure" passwords, some of which have additional security features.
@spark55155, it matters less if your accounts contain something valuable and more that can can be used to *obtain* something of value. For instance, if cracking your popsci password gives me your password to other blogging/posting accounts, i might get enough personal information about you to "prove" that I am you to your bank.
I'm not saying that's the case, just that it seems reckless to invite identity theft or encourage others to take their security for granted.
I wonder how many people are going to change their ATM pin numbers to 8068 in the next few days...
Dark Helmet: So the combination is... one, two, three, four, five? That's the stupidest combination I've ever heard in my life! That's the kind of thing an idiot would have on his luggage!
Dark Helmet: It worked, sir. We have the combination.
President Skroob: Great. Now we can take every last breath of fresh air from Planet Druidia. What's the combination?
Colonel Sandurz: 1-2-3-4-5
President Skroob: 1-2-3-4-5?
Colonel Sandurz: Yes!
President Skroob: That's amazing. I've got the same combination on my luggage.
Dark Helmet, Colonel Sandurz: [looks at each other]
I just got paid $6784 working off my laptop this month. And if you think that's cool, my divorced friend has twin toddlers and made over $9k her first month. It feels so good making so much money when other people have to work for so much less. This is what I do, Red97.com