Quick, think of a random six-digit number. You know, like the one-time security codes you get on your mobile phone. Write it down, I’ll wait…
Okay, once you’ve written the number down, click here to read the rest.
Look at the number you just wrote. Are any of the digits repeated? Or is it six unique digits? For example, “254826” (the ‘2’ is repeated), or “374182” (all digits are unique). Most people will choose a number with six unique digits. Humans are disinclined to repeat a digit when picking a random sequence.
But never repeating a digit is, in fact, making the number less random. The probability of a six digit number having all unique digits is just 15.12%1The math: randomly pick the first digit. Now, randomly pick the second digit – the odds of it being unique are 9 out of 10 (0.9). The third digit can’t be either of the first two, so its chances of being unique are 8 out of 10. And so on, with the remaining three digits; you end up with 0.9 x 0.8 x 0.7 x 0.6 x 0.5, which equals .1512. That means that approximately 85% of the time, there should be at least one digit that repeats.
As a quick confirmation, I browsed my text message history for the past few months for any six-digit security codes I’ve received. Out of 35, just six had all unique digits. That works out to 17.1% – pretty much spot on. So the random number generators are doing their job.
The risk of having humans generate supposedly random sequences was a component in breaking the Enigma coding machine used by Germany during World War II. Operators of the device were supposed to choose a random 3-letter key for each message they sent. But hurried operators sometimes would just type in 3 consecutive keys on the keyboard (like “QWE” or “SDF”), rather than stop and try to think of a true random sequence. The British cryptographers at Bletchley realized this and used it to their advantage.
