fbpx
Size of letters 1x
Site color
Image
Additionally
Line height
Letter spacing
Font
Embedded items (videos, maps, etc.)
 
City: Kyiv
067 218 10 04
Join EBA
Companies
Log in If your company is already a member of the EBA, here you can register or log in to a personal cabinet
Eng Укр

The Secrets of Cybersecurity: How to Secure Your Passwords from Hackers?

18/ 05/ 2021
  How do hackers hack your passwords?. One of the most common methods used by hackers to commit cybercrimes is password cracking. Experienced hackers use tested algorithms and methods to crack passwords. Let us look closer at how users’ passwords get into the hands of hackers: cyberattacks on the most popular online services resulting in the leaks of users’ personal data and passwords to the darknet. In April 2020, more than 500,000 passwords of the users of Zoom appeared in the darknet. Users often set up the same passwords for a number of services and, thus, hackers can simply use special bots to access users’ accounts on many resources; phishing messages sent to users that contain links to fake webpages of popular services. As a result, by following the link and entering his own credentials, a user gives hackers access to his real account on the server in question; installation on a computer or other devices of malware than can store and transmit users’ passwords to hackers; password spraying: checking the most popular password combinations to select the right one. Hackers applying this method usually have databases of usernames but do not know passwords and that is why they test the most popular combinations from different IP addresses so that to remain undetected; Brute force attacks with the use of special programs and server capacity. The bigger the capacity of servers, the higher number of passwords a hacker can test. At the same time, the users who create a password containing only a few symbols give additional chances to hackers to successfully implement a brute force attack and crack their passwords. Overall, depending on their goals, hackers may use either basic methods to crack passwords or apply complex algorithms. Taking into account the capacity of their servers, most hackers count on the use of simple password cracking tools and that is why users need to prioritize the security of their passwords so that not fall victim to cybercriminals. Mistakes made by users and how to avoid them when creating and managing passwords. In most cases, the key reasons behind password crackings are the mistakes made by users when creating passwords due to carelessness or negligence of basic password security rules. Let us look closer at typical mistakes made by users when creating and managing passwords that make them vulnerable to cyberattacks: Ignorance to check whether their passwords match with the most popular passwords that can be found on the Internet; The use of a single password for a few resources. For example, users may use the same password for their banking account, online store, and social networks. When hackers steal users’ personal data stored in social networks, they can access users’ online store account and order items. When users fail to set up two- or multi-factor authentication for their banking accounts, hackers may also access their funds. The use of typical password creation methods: children names, names of pets, dates of birth, names of historical places, and other common combinations are not strong passwords. Hackers may simply use the information found in users’ social networks to crack passwords; The use of default passwords, for example, for wireless routers. Although the producers of devices recommend changing default passwords immediately, users often ignore this recommendation. In their turn, hackers have access to the lists of default passwords and, thus, may easily try to crack users’ default passwords for devices or other systems; Saving passwords on a mobile phone or personal computer. When a device is infected with malware, hackers may get all users’ passwords; Too often change of passwords. Users create weak passwords to better memorize them or set up passwords used for other accounts. That is why the non-reasonable and too frequent change of passwords brings more damage than potential benefits; The use of a weak password for password manager application. As a result, when the user’s device appears in the hands of a hacker, the latter may easily access all resources the passwords to which are stored in a password manager. The same relates to users’ failure to log out of a password manager; Substitution of letters with figures when creating a password. The programs used by hackers easily detect such combinations. For example, the substitution of the letter “o” with the figure “0”; The negligence of two-factor authentication. Although this mistake is not directly related to the password management process, it leads to negative consequences. When users set up the two-factor authentication, hackers cannot achieve their targets only by cracking or stealing users’ passwords. Generally, there are a few common mistakes made by users when creating and managing passwords that make them vulnerable to cyberattacks committed by cybercriminals to access users’ personal data and money. That is why it is of the greatest importance for users to follow the basic recommendations on secure password management. Users can protect themselves from brute force and dictionary attacks by creating strong passwords and securely storing them. To minimize the chances for hackers to crack their passwords, users should follow the recommendations provided below: avoid making the typical mistakes described above. Seems to be very obvious but it is the most important recommendation; create non-standard passwords that do not contain simple combinations and personal data as well as substitution of letters with figures. For example, the password containing the names of the individuals associated with historical events may be considered strong. Hackers are likely to fail to crack such a password using a dictionary; use separate passwords at least for the resources where a user does not leave any confidential information or banking accounts data and the security of which cannot be verified. For example, users should use separate passwords for the sites where they play online games. This recommendation is of the greatest importance for users who use the same password for a few resources where they store private information; don’t disclose your password in any form to third parties as well as colleagues; upon detecting the hack of any account a user needs to immediately change passwords used for other accounts or resources that are the same as the password to the hacked resources; use special password managers. A user cannot remember a large number of complex and unique passwords. Unless he uses special programs, he can only write down passwords on a sheet of paper and always keep it at his fingertips (not a very reliable method). Passwords managers securely store all passwords and a user just needs to create a strong and unique password for the password manager application. An example of an effective password manager is HackenAI application developed by the leading cybersecurity company Hacken. Overall, by following basic recommendations on password management users can minimize the risks of being hacked by malicious actors and losing personal data and money due to password cracking. The better people are aware of the importance of methods to secure passwords, the fewer chances hackers have to achieve their goals.

How do hackers hack your passwords?

One of the most common methods used by hackers to commit cybercrimes is password cracking. Experienced hackers use tested algorithms and methods to crack passwords. Let us look closer at how users’ passwords get into the hands of hackers:

  • cyberattacks on the most popular online services resulting in the leaks of users’ personal data and passwords to the darknet. In April 2020, more than 500,000 passwords of the users of Zoom appeared in the darknet. Users often set up the same passwords for a number of services and, thus, hackers can simply use special bots to access users’ accounts on many resources;
  • phishing messages sent to users that contain links to fake webpages of popular services. As a result, by following the link and entering his own credentials, a user gives hackers access to his real account on the server in question;
  • installation on a computer or other devices of malware than can store and transmit users’ passwords to hackers;
  • password spraying: checking the most popular password combinations to select the right one. Hackers applying this method usually have databases of usernames but do not know passwords and that is why they test the most popular combinations from different IP addresses so that to remain undetected;
  • Brute force attacks with the use of special programs and server capacity. The bigger the capacity of servers, the higher number of passwords a hacker can test. At the same time, the users who create a password containing only a few symbols give additional chances to hackers to successfully implement a brute force attack and crack their passwords.

Overall, depending on their goals, hackers may use either basic methods to crack passwords or apply complex algorithms. Taking into account the capacity of their servers, most hackers count on the use of simple password cracking tools and that is why users need to prioritize the security of their passwords so that not fall victim to cybercriminals.

Mistakes made by users and how to avoid them when creating and managing passwords

In most cases, the key reasons behind password crackings are the mistakes made by users when creating passwords due to carelessness or negligence of basic password security rules. Let us look closer at typical mistakes made by users when creating and managing passwords that make them vulnerable to cyberattacks:

  • Ignorance to check whether their passwords match with the most popular passwords that can be found on the Internet;
  • The use of a single password for a few resources. For example, users may use the same password for their banking account, online store, and social networks. When hackers steal users’ personal data stored in social networks, they can access users’ online store account and order items. When users fail to set up two- or multi-factor authentication for their banking accounts, hackers may also access their funds.
  • The use of typical password creation methods: children names, names of pets, dates of birth, names of historical places, and other common combinations are not strong passwords. Hackers may simply use the information found in users’ social networks to crack passwords;
  • The use of default passwords, for example, for wireless routers. Although the producers of devices recommend changing default passwords immediately, users often ignore this recommendation. In their turn, hackers have access to the lists of default passwords and, thus, may easily try to crack users’ default passwords for devices or other systems;
  • Saving passwords on a mobile phone or personal computer. When a device is infected with malware, hackers may get all users’ passwords;
  • Too often change of passwords. Users create weak passwords to better memorize them or set up passwords used for other accounts. That is why the non-reasonable and too frequent change of passwords brings more damage than potential benefits;
  • The use of a weak password for password manager application. As a result, when the user’s device appears in the hands of a hacker, the latter may easily access all resources the passwords to which are stored in a password manager. The same relates to users’ failure to log out of a password manager;
  • Substitution of letters with figures when creating a password. The programs used by hackers easily detect such combinations. For example, the substitution of the letter “o” with the figure “0”;
  • The negligence of two-factor authentication. Although this mistake is not directly related to the password management process, it leads to negative consequences. When users set up the two-factor authentication, hackers cannot achieve their targets only by cracking or stealing users’ passwords.

Generally, there are a few common mistakes made by users when creating and managing passwords that make them vulnerable to cyberattacks committed by cybercriminals to access users’ personal data and money. That is why it is of the greatest importance for users to follow the basic recommendations on secure password management.

Users can protect themselves from brute force and dictionary attacks by creating strong passwords and securely storing them. To minimize the chances for hackers to crack their passwords, users should follow the recommendations provided below:

  • avoid making the typical mistakes described above. Seems to be very obvious but it is the most important recommendation;
  • create non-standard passwords that do not contain simple combinations and personal data as well as substitution of letters with figures. For example, the password containing the names of the individuals associated with historical events may be considered strong. Hackers are likely to fail to crack such a password using a dictionary;
  • use separate passwords at least for the resources where a user does not leave any confidential information or banking accounts data and the security of which cannot be verified. For example, users should use separate passwords for the sites where they play online games. This recommendation is of the greatest importance for users who use the same password for a few resources where they store private information;
  • don’t disclose your password in any form to third parties as well as colleagues;
  • upon detecting the hack of any account a user needs to immediately change passwords used for other accounts or resources that are the same as the password to the hacked resources;
  • use special password managers. A user cannot remember a large number of complex and unique passwords. Unless he uses special programs, he can only write down passwords on a sheet of paper and always keep it at his fingertips (not a very reliable method). Passwords managers securely store all passwords and a user just needs to create a strong and unique password for the password manager application. An example of an effective password manager is HackenAI application developed by the leading cybersecurity company Hacken.

Overall, by following basic recommendations on password management users can minimize the risks of being hacked by malicious actors and losing personal data and money due to password cracking. The better people are aware of the importance of methods to secure passwords, the fewer chances hackers have to achieve their goals.

If you have found a spelling error, please, notify us by selecting that text and pressing Ctrl+Enter.

Start
in the Telegram bot
Read articles. Share in social networks

← Back to log in

Spelling error report

The following text will be sent to our editors:

Send