Last week we told you about common smart phone passwords and certain password patterns to avoid using. While gaining access to somebody’s phone may not be the worst thing to some, oftentimes people use the same PIN for their phone as for their bank accounts, credit cards, etc. This is a much more serious problem. To help you stay safe, we put together a few tips about how to avoid having people guess your password...As we mentioned last week, avoid using these 10 most common PINs
. If you happen to have used one of these, now we would be a good time to change your PIN on you phone and for all of your other accounts – especially now that the world knows there is a 1 in 7 chance of simply guessing your password right away.
But even if you aren’t using one of the 10 most common passwords, there is still a chance that anyone with access to your touch screen device will still be able to guess your password relatively easily. How? Well its actually quite simple – by looking at your fingerprints and seeing how they correlate to the number pad. The simple solution here is to wipe your screen and get rid of the fingerprints. However, its not practical to do that every single time we unlock our phones. In this case, repeating digit will make your 4 character password more secure.
Using Game Theory and simple probability, Presh Talwalkar, figured out that 3 numbers in a 4 digit password makes it more secure. He found that 4 numbers in a 4 digit password yielded 24 combinations of passwords assuming you know each of the 4 numbers (by looking at fingerprints). However, by using 3 numbers for a 4 digit password resulted in 36 possible combinations. So if you can, use 3 digits instead of 4, especially if you have a touch screen where people can see where you have been tapping.
(via Hacker News)
(Graph from Daniel Amitay)