Pin numbers.
-
"How many assholes have we got on this ship anyway?" YO!
Software Zen:
delete this; -
You have the same phone number you did when you were a child? :confused:
Check out my IoT graphics library here: https://honeythecodewitch.com/gfx And my IoT UI/User Experience library here: https://honeythecodewitch.com/uix
Cell phones have been around long enough, twentysomethings very well could. Of course I'm old enough they've changed the numbering system since we banged rocks together when I was little :sigh: .
Software Zen:
delete this; -
3.4M PIN numbers that were pulled together from a whole bunch of data breaches have been heat mapped, and they are quite interesting (to me at least): https://www.grc.com/miscfiles/pin.png[^] Given that most (if not all ATM / shop card readers work with 4 digit PINs, it's interesting to see what people generally use. Notice the lines and clusters: identical pairs (0000, 0101, ...) birthdate day and month, birth year seem to be pretty common, but it's interesting to note two things: 1) There are a small number of "empty" or "near empty" cells where people just aren't disposed to use that combination. 2) 20 out of the possible 10,000 different PIN values are used by 27% of the population ... so if you want to "brute force" a PIN, those are the ones to try first - if you are using one of them, it's probably time to change it:
1234, 4321, 0000, 7777, 2000, 2222, 9999, 5555, 1122, 8888, 2001, 1111, 1212, 1004, 4444, 6969, 3333, 6666, 1313, 1010
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony "Common sense is so rare these days, it should be classified as a super power" - Random T-shirt AntiTwitter: @DalekDave is now a follower!
Oops, I guess using a particular year is not so unique anymore (and I'm guessing padding it with zeroes in 6 digit pins ain't either)
-
"How many assholes have we got on this ship anyway?" YO!
Software Zen:
delete this; -
Your pasword must contain ...[^]
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony "Common sense is so rare these days, it should be classified as a super power" - Random T-shirt AntiTwitter: @DalekDave is now a follower!
Sanskrit, Cyrillic, Latin, Chinese, and Arabic characters should be enough for everyone! FYI, you'd be amazed at how hard it is for most applications/websites/passwords to deal with 2 different sets of alphabets.
Bond Keep all things as simple as possible, but no simpler. -said someone, somewhere
-
3.4M PIN numbers that were pulled together from a whole bunch of data breaches have been heat mapped, and they are quite interesting (to me at least): https://www.grc.com/miscfiles/pin.png[^] Given that most (if not all ATM / shop card readers work with 4 digit PINs, it's interesting to see what people generally use. Notice the lines and clusters: identical pairs (0000, 0101, ...) birthdate day and month, birth year seem to be pretty common, but it's interesting to note two things: 1) There are a small number of "empty" or "near empty" cells where people just aren't disposed to use that combination. 2) 20 out of the possible 10,000 different PIN values are used by 27% of the population ... so if you want to "brute force" a PIN, those are the ones to try first - if you are using one of them, it's probably time to change it:
1234, 4321, 0000, 7777, 2000, 2222, 9999, 5555, 1122, 8888, 2001, 1111, 1212, 1004, 4444, 6969, 3333, 6666, 1313, 1010
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony "Common sense is so rare these days, it should be classified as a super power" - Random T-shirt AntiTwitter: @DalekDave is now a follower!
-
Banks (in India, most probably elsewhere too) block the login after three incorrect PIN entries (to unlock which the customer has to complete some formalities after visiting a bank branch). So, the customer has at least some protection.
-
3.4M PIN numbers that were pulled together from a whole bunch of data breaches have been heat mapped, and they are quite interesting (to me at least): https://www.grc.com/miscfiles/pin.png[^] Given that most (if not all ATM / shop card readers work with 4 digit PINs, it's interesting to see what people generally use. Notice the lines and clusters: identical pairs (0000, 0101, ...) birthdate day and month, birth year seem to be pretty common, but it's interesting to note two things: 1) There are a small number of "empty" or "near empty" cells where people just aren't disposed to use that combination. 2) 20 out of the possible 10,000 different PIN values are used by 27% of the population ... so if you want to "brute force" a PIN, those are the ones to try first - if you are using one of them, it's probably time to change it:
1234, 4321, 0000, 7777, 2000, 2222, 9999, 5555, 1122, 8888, 2001, 1111, 1212, 1004, 4444, 6969, 3333, 6666, 1313, 1010
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony "Common sense is so rare these days, it should be classified as a super power" - Random T-shirt AntiTwitter: @DalekDave is now a follower!
Good, but! Back to real life. How many tries do you have, until ATM eats your credit/debet card? Here in Europe exactly 3 times. IDK how it's overseas, but I hope it's similarly limited, too. Soooo, unless PIN is explicitly linked to a card number, I think we are generally safe, aren't we? On the other hand, I checked, and my PIN is nowhere near the first hundred thousand (I didn't look further), so I can sleep like a baby one more night. :laugh:
-
I have yet to understand how PIN numbers are more secure than passwords. Face it, there are only 10,000 combinations, yet even an alphabetic, case insensitive, PIN would have 456,976 combinations. I would expect being able to brute force a pin number, regardless of length, would be easy for modern computers that can break 128-bit key based encryption systems in hours.
obermd wrote:
I have yet to understand how PIN numbers are more secure than passwords. Face it, there are only 10,000 combinations, yet even an alphabetic, case insensitive, PIN would have 456,976 combinations. I would expect being able to brute force a pin number, regardless of length, would be easy for modern computers that can break 128-bit key based encryption systems in hours.
I wondered that too for a long while. If you dig into the various places where PINs are used, you will find that anywhere a PIN is used, there is strong protection behind it to back it up. PINs generally have very strong limitations on how many times you can get them wrong (i.e. 3 times) -- because failure lockout reset can be controlled externally by more secure methods (2FA, MFA, big brother style behavior pattern matching, etc.) Offline attacks toward a PIN tend not to work because the PIN is not the primary secret. So the use limitation of the PIN protects the use of the much stronger public/private key encryption which protects the actual data you wish to protect. Credit/debit cards have those cryptography chips now -- those hold the public/private key encryption, locked into read-only memory in nanometer scale size, and the PIN protects the use of that strong encryption, any funny business using it -- and that strong encryption becomes invalid -- it's new card time.
-
7410 is down the left hand side of the number keys pad of a full size keyboard. 8520 is the middle, it gets zero too since the zero key is usually a double width key. No idea about the 7942 though.
I’ve given up trying to be calm. However, I am open to feeling slightly less agitated. I’m begging you for the benefit of everyone, don’t be STUPID.
The Hitchhikers Guide to the Galaxy was first published in 1979, and as you probably know, brings the number 42 to prominence. ( @Bassam-Abdul-Baki this is sort of in reply to you, too, though yours didn't explicitly call out 7942 )
-
The Hitchhikers Guide to the Galaxy was first published in 1979, and as you probably know, brings the number 42 to prominence. ( @Bassam-Abdul-Baki this is sort of in reply to you, too, though yours didn't explicitly call out 7942 )
-
You have the same phone number you did when you were a child? :confused:
Check out my IoT graphics library here: https://honeythecodewitch.com/gfx And my IoT UI/User Experience library here: https://honeythecodewitch.com/uix
-
Cell phones have been around long enough, twentysomethings very well could. Of course I'm old enough they've changed the numbering system since we banged rocks together when I was little :sigh: .
Software Zen:
delete this; -
Cell phones were still a long way away when I was a child. The 72 in my username on CP is my birth year.
Actually, it wasn't that far away :-) Our first cellular phone network was established in 1981, covering the Scandinavian countries (Wikipedia: NMT[^]. NMT ("1G") replaced older mobile phone systems, "OLT" in Norway, established in 1966. When NMT was introduced, OLT had approx. 30,000 subscriber in a population of 4 million - scaled to population size, that would correspond to 2.5 million subscribers in today's USA. So at the 1981 introduction of the cellular NMT technology, we were familiar with mobile phones here in Norway. OLT was not "cellular": To make a call, you hooked up to your closest base station. You had to stay within range of that base for the duration of the call; an ongoing call couldn't automatically be switched to another base station. So OLT was less suited to fast moving vehicles. The low transmission frequency (somewhat higher than FM transmitters) meant that a single base station could cover a large area; it was a lesser problem than you might think. (But total network capacity was a bigger problem than you might think!) The 1981 NMT system was fully automatic (OLT required operator assistance), and cellular, so you could move freely from one base station to another. The sound was analog, FM modulation. Digital cellular phones (GSM standard, "2G") were not introduced until 1991 - but it really didn't make a big difference to us: We had extended use of cellular NMT mobile phones at the time, so to us, buying a new GSM phone was just another cellular. Another aspect easing GSM adoption in Norway (and other countries) is that we agreed upon one single standard. Roaming was included in the initial base standard, so phones would work in all European (and gradually all) countries, while USA let four incompatible standards compete to select the best through economic bloodshed. GSM didn't make a great impact until the battle left the original US warriors all laying severely wounded on the battleground :-) (We had that same story repeated with digital radio: While European and other countries started preparing for and implementing a fully digital DAB radio system, US authorities let a number of alternate standards stab each other to death. The last I have heard is that no digital FM replacement seems ready to take over in the US, not even today. (Correct me if I am wrong! Yes, I certainly know of HD Radio, but being
-
Actually, it wasn't that far away :-) Our first cellular phone network was established in 1981, covering the Scandinavian countries (Wikipedia: NMT[^]. NMT ("1G") replaced older mobile phone systems, "OLT" in Norway, established in 1966. When NMT was introduced, OLT had approx. 30,000 subscriber in a population of 4 million - scaled to population size, that would correspond to 2.5 million subscribers in today's USA. So at the 1981 introduction of the cellular NMT technology, we were familiar with mobile phones here in Norway. OLT was not "cellular": To make a call, you hooked up to your closest base station. You had to stay within range of that base for the duration of the call; an ongoing call couldn't automatically be switched to another base station. So OLT was less suited to fast moving vehicles. The low transmission frequency (somewhat higher than FM transmitters) meant that a single base station could cover a large area; it was a lesser problem than you might think. (But total network capacity was a bigger problem than you might think!) The 1981 NMT system was fully automatic (OLT required operator assistance), and cellular, so you could move freely from one base station to another. The sound was analog, FM modulation. Digital cellular phones (GSM standard, "2G") were not introduced until 1991 - but it really didn't make a big difference to us: We had extended use of cellular NMT mobile phones at the time, so to us, buying a new GSM phone was just another cellular. Another aspect easing GSM adoption in Norway (and other countries) is that we agreed upon one single standard. Roaming was included in the initial base standard, so phones would work in all European (and gradually all) countries, while USA let four incompatible standards compete to select the best through economic bloodshed. GSM didn't make a great impact until the battle left the original US warriors all laying severely wounded on the battleground :-) (We had that same story repeated with digital radio: While European and other countries started preparing for and implementing a fully digital DAB radio system, US authorities let a number of alternate standards stab each other to death. The last I have heard is that no digital FM replacement seems ready to take over in the US, not even today. (Correct me if I am wrong! Yes, I certainly know of HD Radio, but being
Y'know...after initially glancing at the wall of text, I was tempted to go cynical and reply with "cool story, bro". But after having actually read it, I must say, that was a rather informative history lesson. Thanks for that. But, I still wouldn't have been carrying a cell phone under decades later. :-)
-
True. I was wondering about other effects that might add to the H2G2 effect on this particular number to make it jump out, and it occurred to me that people born in 1979 might be 42 years old at the time of making their PIN around 2021? It would be an interesting bit of statistical analysis involving guesses, educated or otherwise, on the PIN creation dates to try to tease such an effect out of the data and prove if it is significantly above chance or not. (p.s. Is your 0504 speculation about the movie release date?)
-
True. I was wondering about other effects that might add to the H2G2 effect on this particular number to make it jump out, and it occurred to me that people born in 1979 might be 42 years old at the time of making their PIN around 2021? It would be an interesting bit of statistical analysis involving guesses, educated or otherwise, on the PIN creation dates to try to tease such an effect out of the data and prove if it is significantly above chance or not. (p.s. Is your 0504 speculation about the movie release date?)
-
Ah, yes of course. I know “May the fourth be with you” well, but being Australian I didn’t think to write it that way around, despite it being the Jedi way around of saying it.
