What the Tech: Weak pin codes

May 29, 2025

Shalaunda Bacon,

CHARLOTTE, NC – We all know we should have strong, unique passwords for everything, but what about those simple 4-digit PINs? It turns out, they might be even more vulnerable than you think. If a thief gets their hands on your phone and can guess your PIN, you’re looking at a lot of potential trouble. Recent studies have revealed the most commonly used, and therefore the weakest, PIN
codes.

Many of us use the same 4-digit code for everything. Phones, credit cards, and even padlocks. A new report has shown that millions of people are using identical PIN codes, making phones
and bank accounts easy targets. So, which numbers should you avoid? We tend to pick simple, easy-to-remember PINs, often using them for years. However, these simple PINs are the first ones a thief will try. The report analyzed 29 million exposed PIN codes from past data breaches, finding that some 4-digit PINs are so common that a bad actor has a one-in-eight chance of guessing it right.

If you use one of these PINs, change it immediately they’re easy to guess and have been
exposed in data breaches:
1234
1212
1122
1010
1342
4321
1111
2222
3333
4444
5555
6666
7777
8888
9999
0000
1984
1986
1989
2010
2020

It’s no surprise that sequences are on the list, but years tied to birthdays and anniversaries are also common PINs and Passcodes. And it’s not just guessing. Criminals have a sneaky trick. They might ask to see something on your phone, like a photo. If your phone is unlocked with Face ID, they’ll hold the side button to force a passcode entry.

They watch you type your PIN and then steal your phone later and unlock it with the number they memorized.Police report this happening more frequently. Once they have your PIN, they can reset your password, change recovery settings, disable “Find My Phone,” and even set up an alternate facial recognition using their own face. This locks you out entirely.

So, what can you do? Use a random number combination. Avoid dates, repeated numbers, or patterns. If your phone allows, switch to a six-digit PIN or a more complex password. Also, change your account settings to require Face ID to disable tracking features and setting up alternate Face ID. Finally, know your Apple ID password to report the phone stolen.