PINs: a new frontier in fraud
We are constantly told to upgrade our password security. But how secure is your PIN? It’s easier to hack than you think.

NSA helps you to Keep Safe
With the support of the Be Connected initiative, Commonwealth Bank, and Australian Federal Police, National Seniors is committed to helping you identify and avoid scammers who try to target older Australians.
NSA resources include videos recorded by AFP officers, articles, and eguides. Visit our Keep Safe page for more information.
Older people are a favourite target for online scammers. Unfortunately, seniors are the top demographic for falling victim to online fraud, costing them hundreds of thousands of dollars a year.
Why are seniors easy victims? It is due to a combination of unfamiliarity with, or lack of confidence in, the technology, cultural acceptance of taking people at face value, and an understandable tendency to panic when confronted with bogus threats, warnings, and what appears to be helpful advice.
But there’s another reason that elevates seniors into another realm of vulnerability.
Despite constant warnings and recommendations to use strong passwords, people still use either a simple, guessable password or the default password automatically assigned to a device to protect their online accounts.
Doing so leaves accounts vulnerable to hackers and cyberattacks. Advice on protecting your online security is available here.
PINs are a crucial line of digital security. It seems before accessing any online service you have to confirm a four-digit code sent to your device.
While we have little control over PINs supplied to us, we still use PINs to unlock our smartphones, access bank accounts and get cash out at ATMs. So, it’s important to maximise their security.
The PIN is an important little code, but not all choices are equally secure. Some are vulnerable to guessing and hacking more than others.
Have I Been Pwned, an Australian-owned website that helps people all over the world find out if they’ve been affected by data breaches, has partnered with the ABC in analysing 29 million passwords to find out which are the worst.
They found the most common PINs were particularly easy to guess when phones and bank cards fall into the wrong hands.
For example, almost one in 10 people use the same four-digit PIN.
Yes, it’s the obvious one. 1234 is the most popular choice by a huge margin, accounting for nearly one in 10 of the millions of PINs looked at.
The second most popular is – 0000 – and right behind is 1111. 1212 and 4444 are in the top 10 as well.
Birth years are also favourites. 1986 is the most popular of these, while 2004 is in the top 20.
But what about the other popular codes that don’t fall into these categories?
The reason for choosing 4321 is no real mystery. It’s just 1234 in reverse.
Some people mix it up to 1342 – so many of them that it’s the fourth most popular code of all.
2580 might seem like a strange one to be in the top 40 – until you realise it draws a line directly down the keypad on a phone.
Even though there are 10,000 possible combinations, analysts say PINs are so predictable that with just five guesses, you have a one-in-eight chance of being right.
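The categories described above can be turned into a simple check that a PIN-setting screen could run before accepting a new code. This is an added example, not part of the original article; the function names, the reason labels and the 1900 to 2029 year window are assumptions made for illustration.

```python
# Added illustration (not from the article): flag four-digit PINs that fall
# into the guessable categories the article describes.

# PINs the article names explicitly as popular choices.
NAMED_IN_ARTICLE = {"1234", "0000", "1111", "1212", "4444",
                    "1986", "2004", "4321", "1342", "2580"}

# The only four-key straight line on a phone keypad, read in either direction.
KEYPAD_LINES = {"2580", "0852"}


def weak_pin_reasons(pin, years=(1900, 2029)):
    """Return the reasons a PIN is guessable; an empty list means none found.

    The year window is an assumption, chosen to cover plausible birth years.
    """
    if not (len(pin) == 4 and pin.isascii() and pin.isdigit()):
        raise ValueError("expected exactly four digits")
    digits = [int(c) for c in pin]
    steps = {b - a for a, b in zip(digits, digits[1:])}
    reasons = []
    if pin in NAMED_IN_ARTICLE:
        reasons.append("named in article")
    if len(set(pin)) == 1:
        reasons.append("repeated digit")
    elif pin[:2] == pin[2:]:
        reasons.append("repeated pair")
    if steps in ({1}, {-1}):
        reasons.append("counting run")
    if years[0] <= int(pin) <= years[1]:
        reasons.append("looks like a year")
    if pin in KEYPAD_LINES:
        reasons.append("keypad line")
    return reasons


def count_flagged():
    """How many of the 10,000 possible PINs this check would reject."""
    return sum(1 for n in range(10000) if weak_pin_reasons(f"{n:04d}"))


if __name__ == "__main__":
    for sample in ("1234", "2580", "1975", "7392"):  # constructed samples
        print(sample, weak_pin_reasons(sample) or "no pattern found")
    print("flagged:", count_flagged(), "of 10000")
```

An empty result only means none of these patterns matched; it does not mean the PIN is strong, and a PIN built from a date or number personal to you is still guessable by someone who knows you.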
There is a similar weakness to be found in regular computer passwords.
1234 was fourth on a list of common passwords compiled by NordPass VPN. Even when users have the entire alphabetical and numerical keyboard to choose from, the only choices that were more popular were 123456, admin, and password.
All in all, it paints a worrying picture of the last line of defence for our digital lives. Remember, it’s never too late to change your PIN and password to something more secure.