How to Generate Random PIN Codes
Picking 4 random numbers sounds simple, but as many security researchers have said before, people have tendencies and preferences for certain numbers; the end results are not at all random. In my case, I’ve used a clock to do the “random” part of the generation, but the resulting number is a combination of 0-59, not 0-99. Using birthdays is common enough that password policies often explicitly prohibit 01-12 or 01-31. The only reason I didn’t mind it, and I believe it to be the primary reason the PIN isn’t criticized, is that a PIN is not a true password. It’s not meant to replace it.
Regardless, mobile apps that use PIN codes often rely on them as if they were the sole authentication mechanism. Smartphones, now that they even hold password managers, should have safer PIN codes as well, though the physical device is capable of locking itself out.
This is yet another Python script. It asks the user for the desired length; although this is only a recommendation, please do use a password manager and a longer PIN code (likely only 6 digits, but still) for better safety.
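#!/usr/bin/env python3
import secrets
import string

# Ask for the PIN length and re-prompt until it is at least 1.
set_length = int(input("Enter desired password length: "))
while set_length < 1:
    set_length = int(input("Too short. Try again: "))

# secrets.choice draws each digit from the operating system's CSPRNG.
pattern = [secrets.choice(string.digits) for i in range(set_length)]
print(*pattern, sep='')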
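To put numbers on the clock and birthday habits described earlier, this added example (not the author's script) counts how many distinct 4-digit PINs each habit can produce and compares that with uniform digits from secrets. It assumes a clock PIN is two 00-59 fields and a birthday PIN is MMDD or DDMM; all function names are illustrative.

```python
import math
import secrets
import string

PIN_LENGTH = 4


def clock_pins():
    """PINs read off a clock: two fields, each 00-59 (assumed reading of the habit)."""
    return {f"{a:02d}{b:02d}" for a in range(60) for b in range(60)}


def birthday_pins():
    """PINs built from month 01-12 and day 01-31, in MMDD or DDMM order (assumed)."""
    mmdd = {f"{m:02d}{d:02d}" for m in range(1, 13) for d in range(1, 32)}
    ddmm = {p[2:] + p[:2] for p in mmdd}
    return mmdd | ddmm


def uniform_pin(length=PIN_LENGTH):
    """Uniform PIN: every digit drawn independently from the OS CSPRNG."""
    return "".join(secrets.choice(string.digits) for _ in range(length))


def report():
    """Map each source to (distinct PINs, entropy in bits, share of the full space)."""
    full = 10 ** PIN_LENGTH
    sizes = {
        "uniform": full,
        "clock": len(clock_pins()),
        "birthday": len(birthday_pins()),
    }
    return {
        name: (n, round(math.log2(n), 2), n / full)
        for name, n in sizes.items()
    }


if __name__ == "__main__":
    for name, (count, bits, share) in report().items():
        print(f"{name:9s} {count:6d} PINs  {bits:5.2f} bits  {share:6.1%} of space")
    print("sample uniform PIN:", uniform_pin())
```

The entropy figures are upper bounds for the two habits, since they treat every clock reading or date as equally likely.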
I’ve always wondered why the PIN is still a thing on a mobile app. I understand the need to authenticate certain apps, but with 20/20 hindsight, it’s a terrible practice to ask users to memorize; it quickly drains the pool of possibilities from the already limited 4 digits or 6 digits. Reusing the PIN can’t be a good practice either. I would very much prefer it if the apps had a regular password screen instead.