How Do Passwords Get Stolen? Answered
List of Ways How Stealers Break In and get your account credentials:
1. Wi-Fi Traffic Monitoring Attacks
Have you ever connected to a public Wi-Fi and logged into any accounts? Then your password could’ve already been stolen. A common attack is Wi-Fi traffic monitoring, where a hacker uses a simple application that can easily be downloaded from the internet for free to watch all traffic on a public Wi-Fi network. Once you enter your username and password, the software notifies them and the hacker intercepts the information. Simple as that—they now have your username and password for that site. It only takes a few more minutes to use a program like the one above to try other sites you may have used the same password and login combination on.
2. Phishing (Tab Nabbing)
Phishing attacks over the years have become more sophisticated. Say it’s your bank, and to confirm your purchase on your debit card, they ask you to click on a link. The website looks legit, but it’s actually a fake site that looks exactly like the real site—hence, they’ve “nabbed” your tab. When you enter your credentials, the site redirects you to the real site. Boom, they have your info. In some cases, the fake site will ask for additional info including Social Security or Social Insurance Number. So...“Beware of links in dodgy emails.”
3. Key Logger Attacks
4. Brute Force Attacks
Most passwords are simple and can be guessed within a specific number of tries. “123456” is still the most common password on the planet. I think we’ve all had the experience of forgetting what password we used on an account and trying all of the passwords we have been using in the last few years; you know that if you try enough of them, eventually one will be right. Hackers use tools that can crack your password by simply entering different passwords over and over until it’s cracked; these tools can easily be downloaded for free. Within 24 hours, most passwords are cracked and the hacker has access.
5. Mass Theft
More than half of internet users, use the same 'Username' and 'Password' for all their accounts. Hackers run programs that enter stolen username and password details on tens of thousands of sites until one hits. Then they have access to your accounts and credentials. If you use the same username and password on all accounts, that can leave you extremely vulnerable. If you use different, complex passwords, though, it’s near impossible to remember everything, which is what makes some people just write them down, defeating the purpose. Others just use the same old password on everything.