Here’s How a Hacker Would Get at Your Password
As often as we read about how important a strong password is, we still don’t often grasp that anyone could actually sit down and successfully crack a password. Perhaps, one could begin to believe if one actually saw how a skilled (and unethical) hacker would go about it.
The first step – trying an easy formula
People don’t just have trouble remembering passwords – they have trouble thinking them up, too. Many use one of a few predictable ways to arrive at one. The name of a partner or child or pet is one. The numbers of the date of someone’s birthday is another popular choice. People also think of the name of their college or favorite sporting team, or they put in their Social Security number. People use these simple ideas if they don’t want to try something completely transparent – like 123456, asdfgh or iloveyou.
Hackers can get into one out of four accounts out there using one of these ideas. How do they know what the name of your partner is? Chances are that, if you have a simple password like this, you aren’t very careful with your Facebook account, either. You could possibly leave such information accessible to the public there.
The second step – using a free password cracker
What do you do when you need to rip a DVD or find out how fast you Internet connection is? You look on the Internet for a free tool, of course. Surprisingly, this is all password hackers need to do, too. Websites like SecTools post dozens of free password cracking programs for anyone to use.
These tools can be instructed to automatically try thousands of passwords over a few hours. Hackers don’t try to attack your bank account with this – bank websites have beefed-up security that can recognize when someone’s trying to hack into their systems. Instead, they try the online forums you may frequent or your email. When they get a couple of username password pairings there, they try those on your bank account or other important accounts.
You’re probably wondering at this point – how do they know which online forums or email services you belong to and which banks you have accounts with?
This information is very easy to get – they just need to install unobtrusive spyware on your computer. It can look at all the cookies your web browser stores and figure out what websites you go to.
The most common passwords used in 2012. By the way, you should avoid using any of these.
1. password
2. 123456
3. 12345678
4. abc123
5. qwerty
6. monkey
7. letmein
8. dragon
9. 111111
10. baseball
11. iloveyou
12. trustno1
13. 1234567
14. sunshine
15. master
16. 123123
17. welcome
18. shadow
19. ashley
20. football
21. jesus
22. michael
23. ninja
24. mustang
25. password1
A few tips on how to keep yourself safe from hackers
Certainly, you need to follow all the well-established rules of strong password creation, using a combination of upper and lower case letters, numbers, and characters. You should also refrain from using the same password for every website you go to. The only way to remember all of these would be to use a program like RoboForm or 1Password.
There are a few other ideas to keep in mind – it isn’t enough to simply keep the password to your bank account safe. Many websites and banks will accept requests for password changes if they come from an email account that they have on record for a customer. All you need to do is to send them an email from that account, requesting a new password. Anyone who has access to your registered email account, thus, also has easy access to other accounts.