Tip of the Day: Avoiding Common PIN Patterns in Windows Hello

Today's tip...

Have you ever encountered the following warning when creating a new PIN for Windows Hello? If so, have you ever wondered what logic is used to distinguish a "common PIN pattern"?

Common number patterns are PINs in which the difference between adjacent digits is the same throughout the PIN. For example, in 123456 the difference between adjacent digits is 1 in all cases, so it's blocked.

In a nutshell, a simple algorithm looks for and disallows any PIN that has a constant delta from one digit to the next. This prevents repeating numbers, sequential numbers and simple patterns.

So, for example:

  • 1111 has a constant delta of 0, so it is not allowed
  • 1234 has a constant delta of 1, so it is not allowed
  • 1357 has a constant delta of 2, so it is not allowed
  • 9630 has a constant delta of -3, so it is not allowed
  • 1431 does not have a constant delta, so it is okay
  • 1593 does not have a constant delta, so it is okay

Consider the following numbers:

  • 1113
  • 99875

They both contain a constant delta, but only within a subset of the complete interval. As the algorithm only looks for a constant delta across all intervals, both of these PINs would be acceptable.
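
The rule described above, as an added Python sketch (not Microsoft's implementation): it also reports the longest constant-delta run, which is what lets 1113 and 99875 through, and counts how many 4-digit PINs the rule removes. It assumes the delta is the plain signed difference between adjacent digits, the reading that matches the examples in this tip; all function names are hypothetical.

```python
"""Constant-delta PIN check as described in this tip (added illustration)."""


def digit_deltas(pin: str) -> list[int]:
    """Signed difference between each pair of adjacent digits (assumed rule)."""
    if not (pin.isascii() and pin.isdigit()):
        raise ValueError("PIN must contain only the digits 0-9")
    digits = [int(c) for c in pin]
    return [b - a for a, b in zip(digits, digits[1:])]


def is_common_pattern(pin: str) -> bool:
    """True when every adjacent pair has the same delta (the blocked case)."""
    return len(set(digit_deltas(pin))) == 1


def longest_constant_run(pin: str) -> int:
    """Number of digits in the longest stretch that shares one delta."""
    deltas = digit_deltas(pin)
    best = run = 1 if deltas else 0
    for prev, cur in zip(deltas, deltas[1:]):
        run = run + 1 if cur == prev else 1
        best = max(best, run)
    return best + 1  # n equal deltas span n + 1 digits


def blocked_count(length: int) -> int:
    """How many all-digit PINs of this length the rule rejects."""
    return sum(is_common_pattern(f"{n:0{length}d}") for n in range(10 ** length))


if __name__ == "__main__":
    # PINs taken from the examples in this tip.
    samples = ["1111", "1234", "1357", "9630", "1431", "1593", "1113", "99875"]
    for pin in samples:
        verdict = "blocked" if is_common_pattern(pin) else "allowed"
        print(f"{pin:>6}  deltas={digit_deltas(pin)}  "
              f"longest run={longest_constant_run(pin)} digits  {verdict}")
    print("4-digit PINs rejected:", blocked_count(4), "of", 10 ** 4)
```

A stricter local policy could reject any PIN whose `longest_constant_run` covers most of its digits, which would catch the partial patterns the whole-PIN check accepts.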