Feeds

Apple pulls app after dev publishes users' PINs

Too many folk use too-easy-to-guess passcodes

  • alert
  • submit to reddit

Build a business case: developing custom apps

Is your phone PIN '1234'? If you're an iPhone owner, there's a good chance that it is. In fact, there's a good chance it's your PIN whatever handset you use.

iOS software developer Daniel Amitay, creator of an app called Big Brother Camera Security, added iPhone-style four-digit passcode access to his program. He was staggered to discover how many of them use codes that are easy to recall, but also very easy to guess.

Now, we'll overlook the moral implications of a developer covertly recording users' passcodes, even anonymously. Suffice it to say, Amitay has now had his nosy app yanked from the App Store. Amity says the iTunes EULA is on his side, but that's another story.

Amitay reasoned that punters will generally use the same code for his app as they will for their iPhone's main PIN lock - he says because the UIs are identical, but we'd suggest that the fundamental laziness of folk is also to blame - so he posted the most popular BBCS PINs.

Common iPhone PINs

But what about those codes? Right after '1234' comes '0000', followed by '2580', '1111' and '5555'.

At sixth place is '5683' - an odd number until you realise it can be entered by tapping out the word 'love' on a mobile phone keypad.

Next comes '0852' - a vertical line upwards - '2222', '1212' and '1998'.

That last number is interesting: Amitay also found that years, from the 1990s and 2000s in particular, make very commonly used PINs.

Before some of you get all smug and suggest that Android users would never make such an elementary error of security, we're prepared to bet that they - and users of other phone operating systems too, from smartphones down to basic voice-centric units - will.

And, indeed, any other gadget or object - we're thinking credit and cash cards - that involve the use of a four-digit PIN.

At least we now have a list of numbers we know to avoid. Anyone who still uses '1234' after today really has no excuse. ®

The essential guide to IT transformation

More from The Register

next story
Reg man looks through a Glass, darkly: Google's toy ploy or killer tech specs?
Tip: Put the shades on and you'll look less of a spanner
So, Apple won't sell cheap kit? Prepare the iOS garden wall WRECKING BALL
It can throw the low cost race if it looks to the cloud
Apple promises to lift Curse of the Drained iPhone 5 Battery
Have you tried turning it off and...? Never mind, here's a replacement
Now that's FIRE WIRE: HP recalls 6 MILLION burn-risk laptop cables
Right in the middle of Burning Mains Man week
One step closer to ROBOT BUTLERS: Dyson flashes vid of VACUUM SUCKER bot
Latest cleaner available for world+dog in September
Apple's iWatch? They cannae do it ... they don't have the POWER
Analyst predicts fanbois will have to wait until next year
HUGE iPAD? Maybe. HUGE ADVERTS? That's for SURE
Noo! Hand not big enough! Don't look at meee!
Samsung Gear S: Quick, LAUNCH IT – before Apple straps on iWatch
Full specs for wrist-mounted device here ... but who'll buy it?
AMD unveils 'single purpose' graphics card for PC gamers and NO ONE else
Chip maker claims the Radeon R9 285 is 'best in its class'
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.