Hacker News new | past | comments | ask | show | jobs | submit login

The keycodes are pretty easy to guess. Regular users will only ever enter the correct codes so if you look carefully at the keypad you can see which digits have been pressed. Most likely there will only be 4 of the 10 possible digits used. I've actually encountered keypads where the order didn't actually matter so you could get in in seconds.



Combine that with the assumption that the average consumer probably used a date of some significance for their 4-digit code and in the US you can guess that 0 or 1 was first, 0, 1, 2 or 3 was the third position, leaving you only to guess the second and fourth position.


There are only 24 possible combinations of a 4 digit code anyway (assuming 4 different digits). I doubt the devices do a lockout on the wrong code, so it wouldn't take that long to hack.


uh, where'd you get 24? how about 10 X 9 X 8 X 7 = 5040 combinations.


>I've actually encountered keypads where the order didn't actually matter

If the order really doesn't matter, then that counts combinations twice (1234, 1243..). There are 10000 possible 4-digit codes, 5040 permutations, and actually 210 combinations.


You haven't taken into account that by looking at the keypad you can tell which digits are actually used.


Because from fingerprints and similar gunk on the pad you can tell which 4 digits were used.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: