Posts tagged ‘digit’

My Insecurity Over Security Codes

Every time I attempt to access one of my company’s applications via our single sign-on (SSO) system, I’m required to request a validation code that is then sent to my smartphone, and then I enter that code on the login page.

It’s a minor nuisance that drives me insane.

The purpose of the codes are to provide an additional level of security, but given how un-random the codes seem to be, it doesn’t feel very secure to me. This screenshot shows some of the codes that I’ve received recently:

Verification Codes

Here’s what I’ve observed:

  • Every security code contains 6 digits.
  • The first 3 digits in the code form either an arithmetic or geometric sequence, or the first 3 digits contain a repeated digit.
  • Similarly, the last 3 digits in the code form either an arithmetic or geometric sequence, or the last 3 digits contain a repeated digit.

As an example, one of the codes in the screenshot above is 421774. The first 3 digits form the (descending) geometric sequence 4, 2, 1, and the digit 7 appears twice in the second half of the code.

I believe the reason for these patterns is to make the codes more memorable to those of us who have to transcribe them from our phones to our laptops.

This got me thinking. The likelihood of someone correctly guessing a six-digit code is 1 in 1,000,000. But what is the likelihood that someone could correctly guess a six-digit code if it adheres to the rules above?

If you’d like to answer this question on your own, stop reading here. To put some space between you and my solution, here’s a security-related joke:

“I don’t understand how someone stole my identity,” Lily said. “My PIN is so secure!”

“What’s your PIN?” Millie asked.

“The year of Knut Långe’s death,” Lily replied.

“Who is Knut Långe?”

“A King of Sweden who usurped the throne from Erik Eriksson.”

“And what year did he die?”

“1234.”

(Incidentally, Data Genetics reviewed 3.4 million stolen website passwords, and they found that 1234 was the most popular four-digit code. The researchers claimed that they could use this information to make predictions about ATM PINs, too, but I don’t think so. All this shows is that 1234 is the most commonly stolen password, and therefore this inference suffers from survivorship bias. Without having data on all the codes that were not stolen, it’s impossible to make a reasonable claim. But, I digress.)

To determine the number of validation codes that adhere to the patterns I observed, I started by counting the number of arithmetic sequences. With only 3 digits, there are 20 possible sequences:

  • 012
  • 024
  • 036
  • 048
  • 123
  • 135
  • 147
  • 159
  • 234
  • 246
  • 258
  • 345
  • 357
  • 369
  • 456
  • 468
  • 567
  • 579
  • 678
  • 789

But each of those could also appear in reverse (210, 975, etc.), giving a total of 40.

There are far fewer geometric sequences; in fact, only 3 of them:

  • 124
  • 139
  • 248

And again, each of those could appear in reverse, giving a total of 6.

Finally, there are 10 × 9 × 8 = 720 three-digit numbers with no repeated digits, which means there are 1,000 ‑ 720 = 280 numbers with a repeated digit. (Here, “number” refers to any string of 3 digits, including those that start with a 0, like 007 or 092.)

Consequently, there are 40 + 6 + 280 = 326 possible combinations for the first 3 digits and also 326 combinations for the last 3 digits, which gives a total of 326 × 326 = 106,276 possible validation codes.

That means that it would be about 10× more likely for a phisher to correctly guess a validation code that follows these rules than to guess a completely random six-digit code. But said another way, the odds are still significantly against a phisher who’s trying to steal my code. And quite frankly, if someone wants to exert that kind of effort to pirate my access to Microsoft Word online, well, I say, go for it.

August 29, 2017 at 2:12 pm Leave a comment

Can I Get Your Digits?

Saw this on a t-shirt recently:

PIN Digits Pi
It made me think about this problem involving digits.

Consider the number

1234567891011121314151617181920

obtained by writing the numbers from 1 to 20 in order side-by-side.

What’s the greatest number that can be obtained by crossing out 20 digits?

If a fetching lady or handsome gent catches your fancy by solving that problem, you might want to ask her or him…

How can I know so many digits of π and so few digits of your phone number?

And if he or she still hasn’t taken leave of you, then you could really press your luck with the following:

  1. Ask your new friend to write down a number with four or more digits.

459,163

  1. Then, have your friend add the digits.

4 + 5 + 9 + 1 + 6 + 3 = 28

  1. Subtract the sum from the original number.

459,163 – 28 = 459,135

  1. Have your friend cross out one of the digits, and then read the remaining number aloud to you.

45,935

  1. Then, miraculously announce the missing digit.

1

 

The secret to the trick? Simple. Just add the digits of the number that your friend reads aloud, and then figure out what number must be added to get the sum to a multiple of 9. Above, the digits of the number 45,935 have a sum of 26, which is 1 less than a multiple of 9, so the removed digit is 1.

 

February 23, 2015 at 10:33 pm 6 comments

Happy 100/9 Day

Today is a special day indeed. You may have already noticed that today’s date is the repetitive 11/11/11, but did you know that today is the only date this century that can be written in the form mm/dd/yy with one digit repeated six times?

Some people celebrate 3/14 as Pi Day, and to ensure complete precision for their celebration, the moment at which they celebrate is 1:59:26 p.m. In a similar vein, I suggest that we all celebrate “100/9 Day” at 11:11.11 a.m. today. Too bad 100/9 doesn’t have a Greek letter nickname for which it is better known…

Not too long ago, I was forwarded an email that contained several pieces of numerical trivia. The first was this:

This year we’re going to experience four unusual dates: 1/1/11, 1/11/11, 11/1/11, and 11/11/11.

Today is one of those dates, and it is certainly unusual for a date to contain only one repeated digit. The only other dates with just one repeated digit during this century are 2/2/22, 2/22/22, 3/3/33, 4/4/44, 5/5/55, 6/6/66, 7/7/77, 8/8/88 and 9/9/99. Since there are only 13 dates that contain just one repeated digit, it could also be said that 2011 is an unusual year for hosting four of them.

The email also contained the following:

Take the last two digits of the year in which you were born. Now add the age you will be this year. The result will be 111 for everyone in the whole world.

Blanket mathematical statements like this one are frustrating, especially when they are untrue. My friend’s grandfather was born in 1899, so he will turn 112 this year. For him, the result is 99 + 112 = 211. And my sons were born in 2007 and turned 4 this year. For them, the result is 7 + 4 = 11. In fact, based on data about age distribution, the result will not be 111 for approximately 15% of the U.S. population. The yellow bars in the graph below indicate the ages for which this trick does not work.

Age Distibution U.S.

A better statement of this “trick” might be…

Take the year in which you were born. Now add the age that you will be this year. The result will be 2011 for everyone in the whole, wide world.

Wow! Can you believe it? But it’s not much of a trick anymore, is it?

Happy 100/9 Day, everybody!

[Update] This post originally appeared as “Happy 10/9 Day,” but that was in error. I blame sleep deprivation. It has been updated to “100/9 Day” in all places.

November 11, 2011 at 1:11 am Leave a comment

Coming Up Through the Ranks

Author CentralThrough some special features at Amazon Author Central, I am able to know the daily sales rank of Math Jokes 4 Mathy Folks. My sales rank at the end of each of the last three days was 44,404, 96,990, and 35,355, respectively. I thought that was interesting — three days in a row when the sales rank was a five-digit number in which one digit occurred at least three times. What’s the likelihood of that? Stated more formally:

Assuming that the sales rank of MJ4MF is always a five-digit number, what is the probability that three consecutive days’ sales ranks will contain a digit that occurs in the sales rank at least three times?

The sales rank of MJ4MF has never been a five-digit number in which the same digit is repeated five times. (Bummer!) The probability of that occurrence, though, is even less likely than the situation described above — though I won’t tell you exactly how much less likely, so as not to spoil your fun!

July 30, 2011 at 12:01 am Leave a comment


About MJ4MF

The Math Jokes 4 Mathy Folks blog is an online extension to the book Math Jokes 4 Mathy Folks. The blog contains jokes submitted by readers, new jokes discovered by the author, details about speaking appearances and workshops, and other random bits of information that might be interesting to the strange folks who like math jokes.

MJ4MF (offline version)

Math Jokes 4 Mathy Folks is available from Amazon, Borders, Barnes & Noble, NCTM, Robert D. Reed Publishers, and other purveyors of exceptional literature.

Past Posts

June 2019
M T W T F S S
« Feb    
 12
3456789
10111213141516
17181920212223
24252627282930

Enter your email address to subscribe to the MJ4MF blog and receive new posts via email.

Join 383 other followers

Visitor Locations

free counters