Quantitative analysis of PIN choices: a contribution to the establishment of authentication requirements

José Carlos Carvalho, Vítor Sá, Maria José Magalhães, Sérgio Tenreiro de Magalhães

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

The authentication using a PIN number remains one of the most used ways to enter a system (mobile phone, ATM, etc.). Many people seem to dislike this form of authentication because they simply despise their use, placing unsafe PINs just because they have to put some. Some relevant results are the combination 1234, thecombinations using only one digit (example: 1111), or the central line of the numerical keypad. On the other hand there is some understanding because it is proven that remember strong passwords is a difficult task for humans, and the tendency is to choose the simplest ones. This research had a sample of 497 participants and aimed to understand the preferred choice of the participants in relation to the number of digits used for a PIN number (a choice between four and/or six digits) and realized the amount of times that each of the available digits was used. To this end it was developed a web-based tool for entering the data. This application was intended only to the data collection process, being the information processed further. Through this application, the user was asked to enter four and/or six-digit PINs. The method does not raise any doubt on the participants, which were informed about the anonymity and confidentiality of the data, and never they were asked to identify themselves. Participants were asked to use the PINs that they normally use in other contexts. With the analysis of the data it was possible to understand the distribution of digits per position in a PIN, check which digits is more/less used in each position, and check which digit is more/less used regardless of its position. Among the conclusions it appears that the layout of the numeric keypad of the system influence the PIN choice.
Original languageEnglish
Title of host publicationProceedings of the 14th European Conference on Cyber Warfare and Security, ECCWS 2015
EditorsNasser Abouzakhar
PublisherCurran Associates Inc.
Pages35-41
Number of pages7
ISBN (Electronic)9781910810286
ISBN (Print)9781910810293
Publication statusPublished - 2015
Event14th European Conference on Cyber Warfare and Security, ECCWS 2015 - Hatfield, United Kingdom
Duration: 2 Jul 20153 Jul 2015

Publication series

NameEuropean Conference on Information Warfare and Security, ECCWS
Volume2015-January
ISSN (Print)2048-8602
ISSN (Electronic)2048-8610

Conference

Conference14th European Conference on Cyber Warfare and Security, ECCWS 2015
Country/TerritoryUnited Kingdom
CityHatfield
Period2/07/153/07/15

Keywords

  • Authentication
  • Digits
  • Keypad
  • PIN
  • Security
  • System

Fingerprint

Dive into the research topics of 'Quantitative analysis of PIN choices: a contribution to the establishment of authentication requirements'. Together they form a unique fingerprint.

Cite this