
If your iPhone or Android smartphone PIN starts with 1234, 0000, 2580, 123456 or 654321, you are in trouble: these PINs are the most prone to hacking, and others can easily unlock your device.

According to the study, the 10 most popular four-digit PINs are: 1234, 0000, 2580, 1111, 5555, 5683, 0852, 2222, 1212, 1998. The most popular six-digit PINs are: 123456, 654321, 111111, 000000, 123123, 666666, 121212, 112233, 789456, 159753. Researchers at Ruhr University in Germany showed that the blacklist used by Apple to prevent particularly frequent PINs could be optimised and that it would make even greater sense to implement one on Android devices.


It emerged that six-digit PINs do not provide more security than four-digit ones. “Mathematically speaking, there is a huge difference, of course. A four-digit PIN can be used to create 10,000 different combinations, while a six-digit PIN can be used to create one million,” said study researcher Philipp Markert from the Horst Görtz Institute for IT Security at Ruhr University.

“However, users prefer certain combinations; some PINs are used more frequently, for example, 123456 and 654321. This means users do not take advantage of the full potential of the six-digit code,” Markert added. According to the researchers, it seems that users currently do not understand intuitively what it is that makes a six-digit PIN secure.

For the findings, the research team investigated how users choose the PIN for their mobile phones and how they can be convinced to use a more secure number combination. The team asked Apple and Android users to set either four- or six-digit PINs and later analysed how easy they were to guess.

In the process, they assumed that the attacker did not know the victim and did not care whose mobile phone is unlocked. Accordingly, the best attack strategy would be to try the most likely PINs first. Some of the participants were free to choose their PIN at random. Others could only choose PINs that were not included in a blacklist. If they tried to use one of the blacklisted PINs, they received a warning that this combination of digits was easy to guess.

In the experiment, the IT security experts used various blacklists, including the real one from Apple, which they obtained by having a computer test all possible PIN combinations on an iPhone. Moreover, they also created their own more or less comprehensive blacklists. A prudently chosen four-digit PIN is secure enough, mainly because manufacturers limit the number of attempts to enter a PIN. Apple locks the device completely after ten incorrect entries, the researcher said.



On an Android smartphone, different codes cannot be entered one after the other in quick succession. “In eleven hours, 100 number combinations can be tested,” Markert said. The researchers also found 274 number combinations on Apple’s blacklist for four-digit PINs.

“Since users only have 10 attempts to guess the PIN on the iPhone anyway, the blacklist does not make it any more secure,” said study researcher Maximilian Golla. According to the researchers, the blacklist would make more sense on Android devices, as attackers can try out more PINs there.


The research has shown that the ideal blacklist for four-digit PINs would have to contain about 1,000 entries and differ slightly from the list currently used by Apple. (IANS)
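The attack model and attempt limits described above can be expressed as a measurable check. The following is an added example, not code from the study or the article: it rejects blacklisted PINs at enrolment and reports what share of a population falls within the first 10 guesses (the iPhone limit) or the first 100 (Android in eleven hours). The user population and the `NEXT` second-choice PINs are constructed for illustration, so the resulting figures are not the study's results.

```python
from collections import Counter

# Most popular four-digit PINs as listed in the article.
TOP_4 = ["1234", "0000", "2580", "1111", "5555",
         "5683", "0852", "2222", "1212", "1998"]
# Constructed "second favourites" that are not on the blacklist (assumption).
NEXT = ["1357", "2468", "4321", "1122", "9999"]

def check_new_pin(pin, blacklist):
    """Enrolment check: reject malformed or blacklisted PINs."""
    if not (pin.isascii() and pin.isdigit() and len(pin) in (4, 6)):
        return False, "PIN must be 4 or 6 digits"
    if pin in blacklist:
        return False, "This combination of digits is easy to guess"
    return True, "ok"

def enrol(preferences, blacklist):
    """Each user tries their preferred PINs in order until one is accepted."""
    chosen = []
    for prefs in preferences:
        accepted = [p for p in prefs if check_new_pin(p, blacklist)[0]]
        chosen.append(accepted[0])  # sample guarantees one acceptable PIN
    return chosen

def guessed_fraction(chosen, budget):
    """Share of devices opened by trying the `budget` most common PINs first."""
    hits = sum(n for _, n in Counter(chosen).most_common(budget))
    return hits / len(chosen)

def build_sample():
    """Constructed population of 1,000 users, not data from the study."""
    users = []
    for k, pin in enumerate(TOP_4):  # 30, 27, ..., 3 users per top PIN
        users += [[pin, NEXT[(k + j) % len(NEXT)]] for j in range(30 - 3 * k)]
    i = 0
    while len(users) < 1000:  # long tail: one user per distinct PIN
        pin = f"{(i * 37 + 4000) % 10000:04d}"
        i += 1
        if pin not in TOP_4 and pin not in NEXT:
            users.append([pin])
    return users

if __name__ == "__main__":
    users = build_sample()
    for name, bl in (("no blacklist", set()), ("top-10 blacklist", set(TOP_4))):
        pins = enrol(users, bl)
        # 10 = iPhone attempt limit; 100 = Android guesses in eleven hours
        print(name, guessed_fraction(pins, 10), guessed_fraction(pins, 100))
```

The outcome under a blacklist depends entirely on the assumed second choices; replacing `build_sample()` with PINs observed in a real enrolment flow turns the same functions into an evaluation of a candidate blacklist.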

