Click to Skip Ad
Closing in...

Hackers love it when you use any of these easy-to-guess phone passcodes

Published Apr 3rd, 2021 1:36PM EDT
iPhone passcode
Image: SasinParaksa/Adobe

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

There is a truism among security experts, IT professionals, and the like which holds that systems are generally only as secure as their weakest link or their dumbest user. Many of the worst and highest-profile hacks, intellectual property thefts, systems intrusions, and data breaches that you read about are often made possible by making people fall for one of the oldest tricks in the hacker’s playbook — convincing people to click on a link or a message that they should instead avoid like the plague.

The same extends to the security protections that we end-users put on everything from applications and software that we use, to hardware like our computers and smartphones. A good example of this, and where many people fall short maybe without even realizing it, is in the iPhone passcode they choose to lock their device with (or the Android smartphone passcode, as the case may be).

The following list of some of the most easily guessable passcodes was recently published again after security expert Tarah Wheeler revealed them first back in 2019 — noting, at the time, that almost 30% of all iPhones that are cracked are locked with one of these 20 passcodes. Needless to say, if you use one of these, change it right now:

  1. 1234
  2. 1111
  3. 0000
  4. 1212
  5. 7777
  6. 1004
  7. 2000
  8. 4444
  9. 2222
  10. 6969
  11. 9999
  12. 3333
  13. 5555
  14. 6666
  15. 1122
  16. 1313
  17. 8888
  18. 4321
  19. 2001
  20. 1010

I’m no information security professional, but one of the things about that list that immediately jumps out at me is the fact that here we are in 2021, when most people are well accustomed to using mobile devices by now, and the most popular password people are using to lock their phone is still one that’s so bad it should be illegal. If you can’t be bothered to set a passcode that’s a bit stronger than literally the dumbest passcode on earth, then at least take advantage of Face ID or Touch ID on your iPhone (or the equivalent face and fingerprint unlock settings on your Android device) so that you don’t have to bother thinking up a password and can just use the much more secure physical feature that belongs only to you.

If you want to dive deeper into this topic of terrible and easy-to-guess passcodes and passwords, NordPass recently published its rundown of the 200 worst passwords of 2020. It’s a great list to check out, because it not only identifies the terrible passwords but how many times they’ve been exposed, and how long it would take to crack them.

Here’s the list from NordPass. Unfortunately, the #1 and #2 worst passwords of 2020 were variants on that old, idiotic chestnut: “123456,” and “123456789,” respectively. By the way, it takes less than a single second to crack either of those, so if one of those is your current passcode, you might as well just go ahead and give your phone to the nearest hacker and save everyone the effort.

Andy Meek Trending News Editor

Andy Meek is a reporter based in Memphis who has covered media, entertainment, and culture for over 20 years. His work has appeared in outlets including The Guardian, Forbes, and The Financial Times, and he’s written for BGR since 2015. Andy's coverage includes technology and entertainment, and he has a particular interest in all things streaming.

Over the years, he’s interviewed legendary figures in entertainment and tech that range from Stan Lee to John McAfee, Peter Thiel, and Reed Hastings.