PIN Crack Time Calculator

Calculator inputs

PIN length *

Common values: 4, 6, 8. Max 20 for safety.

Known positions

If some digits are known, search space shrinks.

Character set

Choose based on what the PIN allows.

Attack mode

Mode is informational; speed/policy drives the estimate.

Guesses per second *

Example: 0.3 (slow), 2 (fast), 10+ (offline).

Lockout policy

Permanent lockout can make success infeasible.

Attempts before lockout

Common: 5–10 attempts before delay.

Lockout duration (seconds)

Used for temporary lockout cycles.

Metric

Probability is most realistic for planning.

Success probability (%)

50% approximates expected/median outcome.

Reset

Example data table

PIN	Charset	Guesses/sec	Lockout	Metric	Estimated time
4 digits	10	2	5 tries + 30s	50%	≈ 20 min
6 digits	10	2	5 tries + 30s	50%	≈ 14 hours
6 digits	10	0.3	10 tries + 60s	50%	≈ 4 days
4 hex	16	10	No lockout	Worst	≈ 1 hour

Examples are illustrative only; real systems vary widely.

Formula used

Search space: If the PIN has length L, character set size S, and K known positions, unknown length is U = L − K. Total combinations are:

N = S^U

Attempts: For an even chance (average/median planning), expected attempts are approximately:

E[tries] ≈ (N + 1) / 2

For a target success probability p with uniform guessing without replacement:

tries(p) = ⌈p · N⌉

Lockout effect: With temporary lockout after A attempts and delay D seconds, effective speed becomes:

rate_eff = A / (A / rate + D)

How to use this calculator

Set the PIN length and the allowed character set.
If you already know some digits/positions, enter known positions.
Enter a realistic guesses per second for your scenario.
Choose a lockout policy and configure attempts and delay.
Select a metric (probability is best for planning).
Press Calculate. The result appears above the form.
Use Download CSV/PDF to export the latest result.

Defensive note: prefer longer PINs, stronger rate limits, and lockouts to reduce risk.

Search space expands quickly

PIN strength is driven by the number of possible combinations. With length L and set size S, the search space is N = S^L. A 4-digit numeric PIN has 10^4 = 10,000 options, while 6 digits has 10^6 = 1,000,000. If one position is already known, the unknown length drops and N shrinks by a factor of S. This calculator shows both the full and reduced space.

Speed assumptions shape the estimate

Time depends on your guessed rate, expressed as guesses per second. Online attempts are often slow because servers add delays, captchas, or monitoring. On-device entry is usually slower than scripted requests, yet it may have strict lockout rules. Offline guessing can be much faster, but only applies when a verifier such as a hash is available. Enter the best defensible rate for your scenario and compare outcomes. If unsure, start with 1 guess/sec and adjust using response times and backoff rules.

Lockouts change effective throughput

Temporary lockouts create cycles: A attempts, then a delay D. The tool converts that into an effective rate: A / (A/rate + D). For example, at 2 guesses/sec with A = 5 and D = 30 seconds, you spend 2.5 seconds guessing and 30 seconds waiting, yielding about 0.154 guesses/sec. That is roughly 13× slower than the raw rate. Permanent lockout is modeled as a hard cap on total attempts.

Probability metrics improve planning

Worst case assumes you must try every possibility, which is conservative but often unrealistic. Average case is near (N+1)/2 attempts, matching a 50% median success point. For a chosen probability p, the tool uses tries(p) = ceil(p·N), helping you compare 50%, 90%, or 99% targets. Using probability makes lockout policies and speed assumptions easier to interpret in risk discussions.

Use outputs for policy and training

The results are most useful for defensive decisions: selecting longer PINs, narrowing allowed attempts, and increasing delay after failures. Exported CSV supports quick comparison across devices and policies, while the PDF snapshot is suitable for audits, awareness briefings, or control documentation. Record your assumptions—PIN rules, rate, and lockout behavior—so future reviews can reproduce the estimate and track improvements. Pair the estimate with guidance: enable wipe after failures, and favor biometrics with fallback.

FAQs

1. Does PIN length matter more than character set size?

Often yes. Adding two digits multiplies combinations by 100, while switching from digits (10) to full alphanumeric (62) multiplies by 6.2 per position. Use the allowed rules for your system.

2. What guesses-per-second value should I use for online attempts?

Use a conservative rate that reflects real response time and enforced delays. Start low, such as 0.2–2 guesses/sec, then adjust based on measurements and monitoring controls. Online systems frequently throttle or block automation.

3. How do I represent exponential backoff or progressive delays?

Approximate it by choosing a temporary lockout with a longer delay and fewer attempts, then run multiple scenarios. If delays grow over time, your effective rate will decrease, so treat your estimate as an optimistic upper bound.

4. Why might the calculator say the attack is not feasible?

Permanent lockout caps total attempts. If required attempts exceed the cap, success cannot be reached without bypassing controls. For defensive planning, that outcome indicates the lockout policy is strong against guessing.

5. Which metric should I pick: probability, average, or worst?

Probability is best for planning because it maps to risk thresholds, such as 90% or 99%. Average approximates the median case. Worst case is a strict upper bound and can overstate practical effort under lockouts.

6. What is the safest way to share exported results?

Share assumptions and totals, not real PINs or device identifiers. Use the PDF for audits and the CSV for comparisons. Store reports with access controls, and avoid sending them through insecure channels.