Guessing ATM PIN's using publically available information via social media

I was looking at the information a lot of us have publicly available and began to think about ATM PIN security.

The ATM's I am familiar with have a 4 digit (all numerals) pin code, this suggests that your pin is probably going to be a year. If you look at facebook, linkedin, myspace, flickr and any number of other sources you can build a profile of a person which can greatly help to reduce the number of possible ATM pin combinations they are likely to be using. Once you have a profile of your target, asking the right questions can reduce the ATM pin possibilities to a substantially more manageable number.

As an example:

If you are looking at a single guy, building a profile can determine the questions you need to answer for this person:

If this is a young unmarried single guy, you should find out:

Year of his birth
Does he have a new job?
Did he get a promotion recently?
Does he have his own car?
What year model is his car?
What year did he buy his car?
Does he have his own place?
What year did he buy his own place?
Does he have a dog?
What year did he get his dog?
Does he have any hobbies he is extremely passionate about?
Do any of them have specific years tied to them?
For instance maybe he likes guitars; maybe he has a favorite guitar. Is that a vintage 1965 Fender Strat?

This means you are looking at 6-9 likely possibilities for his ATM pin, given that you usually get about 3 attempts before being locked out the odds of getting the right combination are fairly high.

If the individual is married and has kids, you may need to add a few more questions

What year did he have his first kid?
What year did he get married?
The Date of Birth of his wife or significant other?

The more complex the profile, the more you need to fine tune your questions. While we might recommend that people create a number only they know and that sort of thing, a lot of us are more likely to go with something that we are familiar with and likely to easily remember. I am just scratching the surface here, the better you build the profile the better you get to know the person and this improves the likelihood of you getting back improved information.