Have you ever encountered the following warning when creating a new PIN for Windows Hello? If so, have you ever wondered what logic is used to distinguish a "common PIN pattern"?
Common number patterns are PINs that have the same difference between multiple digits in the PIN. For example, in 123456 the difference between the adjacent number is 1 in all cases, so it's blocked.
In a nutshell, a simple PIN algorithm is used to look for and disallow any PIN that has a constant delta from one digit to the next. This prevents repeating numbers, sequential numbers and simple patterns.
So, for example:
- 1111 has a constant delta of 0, so it is not allowed
- 1234 has a constant delta of 1, so it is not allowed
- 1357 has a constant delta of 2, so it is not allowed
- 9630 has a constant delta of -3, so it is not allowed
- 1431 does not have a constant delta, so it is okay
- 1593 does not have a constant delta, so it is okay
Consider the following numbers?
They both contain a constant delta, but only within a subset of the complete interval. As the algorithms only look for a constant delta across all intervals, both of these PINs would be acceptable.