Are Smart Digital Door Locks with Passcode Secure? Can the Passcodes be Easily Cracked?

As a smart digital door lock, passcode unlocking is already a basic function. Without passcode unlocking, it can hardly be considered "smart," right? However, you may be concerned that a passcode lock with only numeric codes can be easily cracked. Is the mechanism of passcode locks truly secure? If you don't want to use other unlocking features like fingerprint unlocking or facial recognition unlocking, are there any other passcode unlocking functions that are more secure? This Moorgenzine article will address these concerns one by one.

Key Points of this Article:

• How do passcode locks work?
• How do passcode locks prevent being cracked?
• What is Random Security Code feature?
• Modern Passcode Locks - Virtual Passcodes

How do passcode locks work?

Smart passcode digital door locks rely on specific numeric combinations to control the unlocking of residential doors. The passcode lock of a smart digital lock is not like the mechanical combination lock of a safe, where rotating the dial to the correct position aligns the gears and unlocks the lock. Instead, it involves using fingers on the digital screen of the smart digital lock to input a numeric passcode. When the controlling chip receives the user's inputted passcode, it compares it with the default passcode. If the inputted passcode matches the default passcode, the chip will control the mechanical lock core to unlock. Otherwise, the chip will send a command to the display indicating passcode unmatched, requiring the user to input the passcode again.

Smart digital locks typically use a 4-8 digit numeric passcode, similar to unlocking your smartphone screen or operating a bank ATM. Whenever you need to enter your home from outside, you need to input the correct passcode to unlock the door.

How do passcode locks prevent being cracked?

In fact, the mechanism of passcode unlocking is about probability, specifically statistics. As mentioned earlier, smart digital locks generally allow for 4 to 8-digit numeric passcodes.

The passcode keypad typically offers a selection of 10 digits (0-9):

Assuming the passcode combination for a smart digital lock is a 4-digit number, there would be a total of 10,000 possible combinations:

V 4′ (10) = 104 = 10,000

Assuming the passcode combination for a smart digital door lock is a 6-digit number, with 10 digits (0-9) to choose from, there would be a total of 1 million possible combinations:

V 6′ (10) = 106 = 1,000,000

Assuming the passcode combination for a smart digital door lock is an 8-digit number, with 10 digits (0-9) to choose from, there would be a total of 100 million possible combinations:

V 8′ (10) = 108 = 100,000,000

Typically, smart digital passcode door locks have a limit on the number of incorrect attempts to prevent trial and error, where someone continuously tries until the correct combination is found. The usual limit for consecutive incorrect attempts is 5 times, after which the door lock will stop functioning for a few minutes.

If an unauthorized person attempts a trial and error: 

For a 4-digit passcode combination, the chance of guessing correctly within 5 attempts is only 0.05%:

5 / 10,000 x 100% = 0.05%

For a 6-digit passcode combination, the chance of guessing correctly within 5 attempts is only 0.0005%:

5 / 1,000,000 x 100% = 0.0005%

For an 8-digit passcode combination, the chance of guessing correctly within 5 attempts is only 0.000005%:

5 / 100,000,000 x 100% = 0.000005%

With the limit on the number of incorrect attempts, even if a 4-digit passcode is used, the chances of an unauthorized person guessing the correct passcode are very low. Of course, when setting a passcode, it is generally advised not to use meaningful combinations such as family birthdays, phone numbers, or license plate numbers, to prevent narrowing down the potential range of passcodes, making it easier for someone to "guess correctly."

What is Random Security Code feature?

Random security code refers to a feature in smart digital locks where, before entering the correct passcode, the lock displays two random digits and you need to press these two digits first before inputting your set passcode.

Why is there a need for random security code feature, and what is the underlying principle?

Every time we enter a passcode on the digital screen, our fingerprints are left on the numeric keys. Without random security code, unauthorized person could detect the residual fingerprints on the screen, narrowing down the potential passcode range. For example, if your passcode consists of six different digits, there would be residual fingerprints on those six digits on the digital screen. Assuming the unauthorized person know you are using a six-digit passcode and are aware of the six residual fingerprints, the number of possible combinations for a six-digit passcode (assuming no repeated digits) would decrease significantly from one million to 720. The chances of "guessing correctly" within five attempts using a "trial and error" method would increase from 0.0005% to 0.694%.

The number of combinations for selecting six digits from a set of six different digits: P(6) = 6! = 720.

The probability of "guessing correctly" within five attempts is: 5/720 = 0.694%.

If two random digits are added, and these digits are not among the original six digits, resulting in eight residual fingerprints, the situation changes. Assuming the unauthorized person still knows you are using a six-digit passcode, but now with eight residual fingerprints, they cannot determine if there are repeated digits in your six-digit passcode. The number of possible combinations for a six-digit passcode would increase dramatically from 720 to 262,144. The chances of "guessing correctly" within five attempts using a "trial and error" method would decrease from 0.694% to 0.0019%.

The number of combinations for selecting six digits from a set of eight digits, allowing for repeated digits, is calculated as V 6′ (8) = 8^6 = 262,144.

The probability of "guessing correctly" within five attempts is 5/262,144 = 0.0019%.

Random security code is a mechanism designed to balance the security and user experience of passcode locks. Firstly, it allows you to use a passcode length that you are comfortable with, such as six digits, while increasing the number of possible combinations and reducing the chances of "guessing correctly" within a limited number of attempts.

Modern Passcode Locks - Virtual Passcodes

In addition to random security code, there is another innovative passcode unlocking method for modern smart digital door locks called the "virtual passcode." The emergence of virtual passcode aims to strike a balance between the security and user experience of passcode locks. It offers higher security and theoretically better user experience by reducing cognitive load.

The principle of the virtual passcode is that, during the unlocking process, you can freely add any numbers before and after the correct passcode. In other words, the "input passcode string" equals "random numbers + correct passcode + random numbers." As long as the input string contains the complete sequence of the "correct passcode," the lock can be unlocked.

If you want to learn more about the virtual passcode, you can refer to the article: 【Smart Home】Smart Door Locks: What is a Virtual Passcode? Understanding How Virtual Passcode Work.

After reading this Moorgenzine article, we believe you have gained a deeper understanding of smart digital door locks with passcode functionality. If you have any questions regarding smart locks, feel free to contact Moorgen at any time for further information. Additionally, if you wish to experience the lifestyle enhancements brought by smart locks firsthand, you are welcome to visit Moorgen's showroom located in North Point, Hong Kong, and experience Real Smart Home firsthand.