
Apple pulls app after dev publishes users' PINs

Too many folk use too-easy-to-guess passcodes


Is your phone PIN '1234'? If you're an iPhone owner, there's a good chance that it is. In fact, there's a good chance it's your PIN whatever handset you use.

iOS software developer Daniel Amitay, creator of an app called Big Brother Camera Security, added iPhone-style four-digit passcode access to his program. He was staggered to discover how many of its users pick codes that are easy to recall, but also very easy to guess.

Now, we'll overlook the moral implications of a developer covertly recording users' passcodes, even anonymously. Suffice it to say, Amitay has now had his nosy app yanked from the App Store. Amitay says the iTunes EULA is on his side, but that's another story.

Amitay reasoned that punters will generally use the same code for his app as they will for their iPhone's main PIN lock - he says because the UIs are identical, but we'd suggest that the fundamental laziness of folk is also to blame - so he posted the most popular BBCS PINs.

Common iPhone PINs

But what about those codes? Right after '1234' comes '0000', followed by '2580', '1111' and '5555'.

At sixth place is '5683' - an odd number until you realise it can be entered by tapping out the word 'love' on a mobile phone keypad.

Next comes '0852' - a vertical line upwards - '2222', '1212' and '1998'.

That last number is interesting: Amitay also found that years, from the 1990s and 2000s in particular, make very commonly used PINs.

Before some of you get all smug and suggest that Android users would never make such an elementary error of security, we're prepared to bet that they - and users of other phone operating systems too, from smartphones down to basic voice-centric units - will.

And, indeed, any other gadget or object - we're thinking credit and cash cards - that involves the use of a four-digit PIN.

At least we now have a list of numbers we know to avoid. Anyone who still uses '1234' after today really has no excuse. ®
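For anyone building a four-digit passcode screen, here is one way to turn that list into a check at the moment a user sets a PIN. This is an added example, not code from Amitay or his app: the ten PINs are the ones quoted above, while the function name, the reason labels and the pattern rules that generalise them (keypad lines, runs, repeats, years 1990 to 2009) are assumptions.

```python
# Added example: flag easy-to-guess four-digit PINs when a user sets one.
# ARTICLE_TOP_PINS is the list quoted in the article; the pattern rules that
# generalise it are assumptions made for this example.
ARTICLE_TOP_PINS = ["1234", "0000", "2580", "1111", "5555",
                    "5683", "0852", "2222", "1212", "1998"]

# Phone keypad layout, digit -> (row, column); '0' sits under '8'.
KEYPAD = {"1": (0, 0), "2": (0, 1), "3": (0, 2),
          "4": (1, 0), "5": (1, 1), "6": (1, 2),
          "7": (2, 0), "8": (2, 1), "9": (2, 2),
          "0": (3, 1)}


def weak_pin_reasons(pin):
    """Return the reasons a PIN is easy to guess; an empty list means none matched."""
    if len(pin) != 4 or not (pin.isascii() and pin.isdigit()):
        raise ValueError("PIN must be exactly four ASCII digits")
    reasons = []
    if pin in ARTICLE_TOP_PINS:
        reasons.append("top10")
    if len(set(pin)) == 1:                       # 0000, 1111, ...
        reasons.append("repeated_digit")
    elif pin[:2] == pin[2:]:                     # 1212, 6969, ...
        reasons.append("repeated_pair")
    pairs = list(zip(pin, pin[1:]))
    steps = {int(b) - int(a) for a, b in pairs}
    if steps in ({1}, {-1}):                     # 1234, 9876, ...
        reasons.append("sequence")
    # Same non-zero move between every pair of keys: a straight keypad line
    # such as 2580 (down the middle column) or 0852 (back up it).
    moves = {(KEYPAD[b][0] - KEYPAD[a][0], KEYPAD[b][1] - KEYPAD[a][1])
             for a, b in pairs}
    if len(moves) == 1 and moves != {(0, 0)}:
        reasons.append("keypad_line")
    if 1990 <= int(pin) <= 2009:                 # years from the 1990s and 2000s
        reasons.append("year")
    return reasons


if __name__ == "__main__":
    for candidate in ARTICLE_TOP_PINS + ["2005", "7391"]:
        print(candidate, weak_pin_reasons(candidate) or "no pattern matched")
```

An empty result only means none of these patterns matched; '5683' is caught solely because it is on the list, since spotting keypad words in general would need a dictionary.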
