# '1234' is most common iOS passcode, according to app developer



## ekim68 (Jul 8, 2003)

> Some data collected anonymously from users of an iOS application freely available on the App Store suggests that a good amount of people don't bother picking secure passcodes for their mobile devices. The most common passcode was, not surprisingly, 1234.
> 
> The next four common passcodes are just as uncreative: the bottommost button four times (0000), down the middle row of buttons (2580), the top left button four times (1111), and the middle button four times (5555).


----------



## Ent (Apr 11, 2009)

Link?
It's a really important point that. A 4 digit combination should have 10000 possible options, but that doesn't make it strong if you're too lazy to pick one. I wonder what proportion of phones could be broken with these first 5 guesses, I bet it's not a low number.

I'm a bit surprised that 9999 doesn't feature though.


----------



## ekim68 (Jul 8, 2003)

Whoops, sorry...

Link


----------



## Ent (Apr 11, 2009)

Answered my own question.

http://www.neowin.net/news/1234-is-...-according-to-app-developer?showcomments=true


> _Top ten iPhone passcodes: [1234, 0000, 2580, 1111, 5555, 5683, 0852, 2222, 1212, 1998]
> _
> Naturally, 1234 is the most common passcode: mimicking the most common internet passwords. To put this into perspective, *these 10 codes represent 15% of all passcodes in use*.


Or at least, 15% of all passcodes in use by users of that app. They might have a different pass code for the real thing, or people who choose poor passwords may be more strongly predisposed to use the app for some reason.


----------



## itscolumn (Jun 12, 2011)

I am not an iPhone user, but I am sure there is better security instead of the passcode.


----------



## btop (Jun 10, 2011)

That begs the question: How does this developer know what people use as passcodes..?


----------



## jiml8 (Jul 3, 2005)

btop said:


> That begs the question: How does this developer know what people use as passcodes..?


That was my first thought too.


----------



## Ent (Apr 11, 2009)

As best I can understand it, that question is answered by the nature of the app itself. It apparently replaces the standard login sequence with an identical duplicate, except that the new one keeps a log of people's attempts to break in (apparently just for ammusement purposes). The user sets a passkey for that app which is assumed for the statistics to be identical to the passkey normally used for the phone. As my Post 4 indicates I can see a lot of problems with this approach, but the take home message is nevertheless very important.Of course I don't really know. I don't have such a phone so obviously I can't do much in the way of investigation.


----------

