Want To Make Your iPhone’s PIN More Secure? Repeat A Digit.

Here’s one for today’s “Yeah, I probably should’ve thought of that” pile.

If you’ve got anything even remotely private on your phone (and who doesn’t? Your phone has access to your email, and thereby access to everything else), you’ve hopefully got a security PIN on the lockscreen. But which numbers should you use? 4 unique numbers would be most secure, right? Not quite, and here’s why: we’ve got nasty, nasty fingers.

While 4 unique digits (each an unknown digit from 0-9) might seem like the most secure option for a 4-digit PIN (with 10,000 possibilities), our greasy mitts introduce a bit of an issue: our fingerprints.

(Before we dive in: Cheers to Skeleton Key Security for bringing this up and Presh Talwalkar for having done the math a bit earlier. I’d highly recommend either for a deeper dive into the subject.)

Go ahead: punch in your PIN, lock the phone again, and tilt the phone a bit until the light catches the oil residue. A huge chunk of the time, you’ll see big ol’ globs of finger-juice sittin’ right on top of the 4 numbers that make up your PIN. When a would-be intruder knows the 4 digits used (as they would gather from the placement of your prints), they only need to figure out the order. The number of possibilities drops from 10,000 to 24.

So, what are you to do? Use one of the numbers twice.

By using one digit twice, you’re introducing two challenges: first, the intruder must guess whether you used 4 unique digits (and one of the digits just didn’t smudge clearly), or 3 digits with 1 repeated. If they go with the latter, they’ll need to figure out which of the 3 digits was used twice. This increases the number of permutations from 24 to 36 (3 choices for the repeated digit, times the 12 distinct orderings of a 4-digit sequence in which one digit appears twice). It’s not at all intuitive, but using one less unique digit actually makes things marginally more secure.

“But wait,” you say. “24 to 36 isn’t a huge jump. If they’ve got the time to try 24 possibilities, they’ve got the time to try 36.”

This is absolutely true… unless you’ve got a cap on the number of times they can make a guess before your phone wipes itself. If they’ve got 10 tries and 24 options, they’ve got a 41% chance of getting it right. If they’ve got 10 tries and 36 options, this dumps down to 27%.
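To make the counting above concrete, here is an added example (not from the original post or from the sources it cites) that computes how many PINs are consistent with a given set of smudged keys, and the chance an attacker with a fixed number of attempts gets in. It reproduces the 24 and 36 figures for a 4-digit PIN, generalizes the count to any PIN length and any number of distinct smudges, and also models the case the post mentions where the attacker cannot rule out one smudge having failed to show. Function names, the 10-attempt default and the sample smudge patterns are assumptions made for this example.

```python
from itertools import product
from math import comb

PIN_LENGTH = 4            # assumption: the post's 4-digit "Simple Password"
DIGITS = "0123456789"


def count_pins_using_exactly(digits, length=PIN_LENGTH):
    """Number of PINs of `length` digits that use every key in `digits`
    at least once and no other key: exactly what a clean smudge pattern
    reveals. Counted with inclusion-exclusion (surjections of `length`
    positions onto k distinct keys)."""
    k = len(set(digits))
    if k == 0 or k > length:
        return 0
    return sum((-1) ** j * comb(k, j) * (k - j) ** length for j in range(k + 1))


def enumerate_pins_using_exactly(digits, length=PIN_LENGTH):
    """Brute-force list of the same candidates; a cross-check of the formula
    and what an attacker's guess list would actually look like."""
    wanted = set(digits)
    return ["".join(p) for p in product(sorted(wanted), repeat=length)
            if set(p) == wanted]


def candidates_with_possible_missing_smudge(seen, length=PIN_LENGTH):
    """Attacker's candidate count when the visible smudges might be one key
    short (the post's "one of the digits just didn't smudge clearly"):
    PINs using exactly the seen keys, plus PINs using the seen keys and
    one more unseen key."""
    seen = set(seen)
    total = count_pins_using_exactly(seen, length)
    for extra in DIGITS:
        if extra not in seen:
            total += count_pins_using_exactly(seen | {extra}, length)
    return total


def guess_success_probability(candidates, attempts):
    """Chance that `attempts` distinct guesses hit the PIN when every
    candidate is equally likely (e.g. 10 tries before a wipe)."""
    if candidates <= 0:
        raise ValueError("need at least one candidate")
    return min(attempts, candidates) / candidates


def smudge_report(digits, attempts=10, length=PIN_LENGTH):
    """Summarize the exposure for one smudge pattern."""
    n = count_pins_using_exactly(digits, length)
    return {
        "distinct_keys": len(set(digits)),
        "candidates": n,
        "p_success": guess_success_probability(n, attempts),
    }


if __name__ == "__main__":
    # Constructed sample patterns: four clean smudges vs. three.
    for pattern in ("1234", "123", "12"):
        r = smudge_report(pattern)
        print(f"{r['distinct_keys']} smudged keys -> {r['candidates']:3d} "
              f"candidates, {r['p_success']:.0%} success in 10 tries")
    print("3 smudges, one possibly missing:",
          candidates_with_possible_missing_smudge("123"), "candidates")
```

Running it reproduces the post's numbers: 4 smudged keys leave 24 candidates (about 42% success in 10 tries), 3 keys leave 36 (about 28%). The last line shows why the ambiguity helps: an attacker who sees only 3 smudges and cannot rule out a missed fourth key faces 36 plus 7 × 24 = 204 candidates, and a 2-key pattern leaves only 14, which is why repeating a digit helps but repeating two does not.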

Sure, the improvement is arguably slight — but better security is better security. Or, if you’re particularly hardcore, you could disable the Simple Password and have access to a full keyboard. That’s pretty painful, though.

(Side note: Apple [or anyone else with a touchscreen-based PIN input system] could actually make the 4-digit system exponentially more secure with an option to randomize the placement of each digit on the keypad each time. This would negate the fingerprint issue, spiking the possible count back up to 10,000. Of course, this would also be terribly confusing and definitely shouldn’t be enabled by default.)