How do passwords get hacked?
Published | May 16th, 2017
Hacking occurs everywhere, to anyone, and sometimes for no better reason than to have a little fun. The first line of defense against any good hack is a good password. A nicely formatted password can withstand even the most brutal of attacks.
But before you build up your password, you must know how it can be broken down. Here are seven common ways a hacker plans to crack your code:
They Guess It.
Anyone who knows you personally, checks out your social media page or overhears your conversation can crack a simple password. Do you use the name of your child, your favorite football team or the make and model of your vehicle? What about your wedding anniversary, place of birth or favorite movie? If so, you’ve done been cracked.
They See It.
Have you ever logged into an account in public or written a password down on a piece of paper? Did the person standing behind you in line see you? Did you even know someone was standing behind you?
They Log It.
Has your PC, phone or tablet been infected by malware lately? If it has, you might be infected with a bad case of the Keyloggers. This tricky version of malware can see and track everything you type. If you don’t use a password manager, it can log all your keystrokes, including when you signed into your bank account, your email, and your Facebook page.
They Automate It.
There are many types of software available—most of which are free—that hackers use to crack your passcodes. These include Brutus, RainbowCrack, and John the Ripper. These automate the code-cracking process and the only defense is a long, complex password and time. This malicious software creates algorithms to quickly run through every dictionary word and a list of the most popular passwords. It will then attempt other less common word combinations and begin attaching capitalizations, numbers, and symbols. If your password is complex enough, it may take weeks or months this tool to guess your code.
They Expose It.
Hackers can use a variety of means—phone, email, letters—to wrongfully expose your password. This type of password cracking would fall in line with the Monster example noted previously. The hackers stole personal information from Monster’s account holders and used this information to moonlight as the company. While their intent was not to gain passwords, they easily could have done so.
They Phish It.
The intent here is to trick you into inputting your login information. A corrupt link will lead you to an illegitimate website that looks almost identical to the real thing—your email, a shopping website or your bank account. Once you type in your credentials, the site will record your information and use it to gain access to your true account.
They Steal It.
Ashley Madison’s account passwords were stolen. Someone hacked into their database and kidnapped all the information it contained. These passwords were ‘hashed’, which transforms your data into another format much like encryption does. But with hashing, the data is stored differently and is not ‘reversible’, meaning it should be more secure for data like passwords; however, this did not stop a handful of security experts and groups from trying. It only took a few hours for most of these groups to crack millions of Ashley Madison passwords. And, once again, the only defense you have is a long, complex password and time.
For more information on how to create a strong password and keep all your information secure, please click here.