Credit: racheocity@Flickr; # 54 :: 02/23/10 :: My door handleBill T's morning was off to a really bad start. First, his alarm went off late. This forced him skip his morning coffee which, in turn, made him so groggy that he blew right through a stop sign on the way to work causing a near-miss with some guy on a bicycle. A passing police cruiser noticed the event and Bill was issued a citation, the writing of which resulted in him arriving almost an hour late to work.

And now, just when things couldn't get any worse, his security fob didn't work.

"Oh, ho HO! this is fun," Dan, the head of the NOC crew at the colocation facility Bill frequented, "your account got whacked after the security guys updated the system! Don't worry, Bill, I trust ya" Dan said with a wink, "I'll get you set up with a new account in a jiffy."

Bill sighed. At least one thing was on his side this morning.

Access to the facilty was a burden even when everything was working. While not nearly as bad as some places, you first pass into a waiting area through the outer door where you swipe your fob and enter a 5-digit number. The inner sanctum is controlled by the same fob and a fingerprint scan. Thankfully for Bill, he had made a point of chatting with the NOC guys whenever he stopped by to service his clients' server cabinets, else, he could have been stuck in administrative hell trying to prove he wasn't some imposter trying to access the server rooms.

"Ok, one last step - I need a 5-digit number for your door pin - here, type it in on this keypad."

With the grace of a gazelle, one-handedly Bill pecked out 33755 - his parents' zip code - and hit enter.

The comptuter dinged and Dan sucked in through clenched teeth before stating, "No can do - there's an error 'Invalid PIN - Bad Number Entered', whatever that means...you didn't press a letter or something?"

Of course I didn't press a letter, you idiot, Bill thought before unsuccessfully trying a few more all with the same error: 33754...90210...83105...and then, Bill had a crazy idea. He tried 32768, failed again, but 32767 was accepted.

He was right.

Bill guessed that when the system was designed, the architects must have used a SMALLINT to store the 5-digit number. This meant that you also cannot choose a code that is larger than 32767. On the upside, this meant that the PIN only occupied 2 bytes of space. On the downside, this eliminated over 2/3 of the potential values. Bill figured that as a result, his account likely was deleted owing to the fact that his old PIN would be considered "illegal".

Bill suggested this scenario to Dan who nodded in agreement, "Makes sense" he said while rubbing his chin, "but also explains why nobody else has brought this up before you."

"What do you mean?" Bill shot back.

"Well, you see, ...most people never change the PIN we give them."

Bill recalled when he first received his access. Of course their original PIN worked fine.

The default PIN was 12345.