Updated: April 15, 2021
People are creatures of habit. They're lazy and lack originality... and apparently the same can be said about their passcodes. Through the course of our duties, we have had devices that are not supported by brute forcing open the devices, and the information they provide are critical to making or breaking a case. We have come across passcodes that seem to be common amongst multiple users.
4-digit passcodes contain a complexity of 10,000 possible solutions. 6-digit passcodes contain a complexity of 1,000,000 solutions. Pattern locks contain a complexity of 389,112 solutions. Lastly, I have a better shot of winning 10 consecutive Power Balls than getting into anything with an alphanumeric passcode... with a few exceptions.
Ideally, we would like for our extraction tools to obtain the passcode, but sometimes, that's not reality. We keep a log of all devices that come through our lab for metrics and so that we can determine trends that become evident.
While passcodes are created to keep our data safe, we use our mobile devices constantly throughout the day. I average 100+ pickups per day, and with COVID-19 making facial recognition next to impossible, I'm constantly typing in my passcode to avoid pulling down my mask and getting "Karen-ed" for not playing by the rules. I'm an exception to the rule, my passcode is unique and does not contain any sequential numbers or repeats. Not everyone thinks like me. Security doesn't always equal user-friendly on a device you pick up constantly. So oftentimes, what should be a secure passcode is often one that requires little input or thought during it's creation.
Which brings us to this list. There are many lists that already exist out there, however, this is a list of all of the passcodes that we have seen used on multiple occasions from multiple users. This list is ever-evolving and what is common today, may change tomorrow. Think of this as a living cheat-sheet of data to assist you in your investigations.
Common Trends for Passcodes
- Birthdays (DD/MM or DD/MM/YY)
- Birth Years (YYYY)
- Look for commonly used number combinations in user accounts (i.e. email, Instagram, etc.)
- Pattern: 2589
- Pattern: 14753
- Pattern: 14789
- Pattern: 1235789
- Pattern: 1478963
Common Trends for Pattern Locks
- Pattern locks use a minimum of four nodes.
- Most pattern locks start in the upper-left corner.
- Most patter locks mimic shapes and/or letters (i.e. 1235789 = Z)