Javascript is not enabled.

Javascript must be enabled to use this site. Please enable Javascript in your browser and try again.

Skip to content
Content starts here
Leaving Website

You are now leaving and going to a website that is not operated by AARP. A different privacy policy and terms of service will apply.

Avoid a PIN-Number Data Breach

Safeguarding the 4-digit gateway to your money and identity

  |  You may guard your Social Security number like a Rottweiler and change your computer passwords as often as your socks. But is your PIN (personal identification number) really protective? Not if you picked it using common practices aimed at making it easy to remember. Trouble is, these numbers are also easy for crooks to guess.

Here's how to safeguard the four-digit gateways to your money and cellphone:

spinner image Image Alt Attribute

AARP Membership— $12 for your first year when you sign up for Automatic Renewal

Get instant access to members-only products and hundreds of discounts, a free second membership, and a subscription to AARP the Magazine. Find out how much you could save in a year with a membership. Learn more.

Join Now

• Never use your birthdate as a PIN. The bad guys know that people do this. A quick glance at the driver's license or other ID lets thieves access money at an ATM with about one in 15 stolen wallets, according to British researchers.

spinner image Tips for how to create a memorable PIN code that's not easily guessed by crooks. For Scam Alert.
Tips for how to create a memorable PIN code that's not easily guessed by crooks.
Vincent Mo/Corbis

• Don't use a string of numbers like 1234 or 1111. These rank as the first and fourth most common iPhone PINs.

• Avoid your birth year — or any year from 1950 onward, says Joseph Bonneau of the University of Cambridge, who coauthored the British study.

• Avoid the last four digits of your Social Security number.

• Your phone number? The birthdate of a child or grandchild? Give them a pass. With an online search of public records, phone directories or newspaper announcements, an Internet-savvy scoundrel can get that information.

• The street or apartment number of your home, printed on your driver's license, is also easily found.

So, what numbers should you use? The bank-assigned one is typically "a safe choice," says Bonneau, but consider these other smart strategies:

• Sequences from a childhood phone number or a long-unused company ID is a good choice, as long as it's no longer listed anywhere, says Bonneau. Also consider numbers that you dial frequently but that are hard to trace to you, like a pizza shop.

Speak Out!

Run into a scam not mentioned here? Have additional tips other readers could use? Speak out on our Scams & Fraud message board.

• Thieves will have a hard time guessing that your favorite holiday is Halloween (1031). Also consider PIN-izing a momentous event in your personal history, such as the date you hit that game-winning home run in Little League.

• If you use a word for your PIN, try basing it on a random phrase that you can recall, like 6488 for "now is the time" (NITT).

• Four-digit PINs are standard, but go longer if you're allowed. The more digits, the harder to crack.

Once you choose a good PIN, never carry a reminder in your wallet. At the ATM, cover your hand when typing, to shield your PIN from prying eyes or scammer-installed hidden cameras.

Sid Kirchheimer is the author of Scam-Proof Your Life, published by AARP Books/Sterling.

Discover AARP Members Only Access

Join AARP to Continue

Already a Member?

spinner image cartoon of a woman holding a megaphone

Have you seen this scam?

  • Call the AARP Fraud Watch Network Helpline at 877-908-3360 or report it with the AARP Scam Tracking Map.  
  • Get Watchdog Alerts for tips on avoiding such scams.