How Your Password Gets Cracked
We all know weak and overused passwords are a cybercriminal’s map to your online world of information. It’s one of the most common entry points into snagging your private information, allowing them to hack email accounts, install malware, steal identities, and much more. However, understanding just how this info is gained by the bad guys shines a light of help. Knowing how they work gives insight into stopping their success. Learning specifically how and why you’re vulnerable to attack is huge. For once, you may just understand how to stay a step ahead of cyberthieves.
Keyloggers. They are software and hardware tools placed nearby or connected to your computer. They detect every keystroke, number, letter, or character that you type. A good anti-virus/anti-malware software solution installed on your computer should detect and remove keyloggers.
Wi-Fi traffic. It’s monitored by a hacker using a simple application letting them watch all activity on public Wi-Fi. The software notifies the hacker when your name and password are entered. It’s not far from there for a hacker to run your information to gain access to your other accounts. This blows a gaping hole to your information when reusing the same login information.
Flawed Protocols. Hackers know that sometimes flaws exist in code that is used to exchange or encrypt passwords. When hackers find these vulnerabilities, they have likely hit the jackpot. Until these flawed protocols are found and corrected, keep security up to date, including security patches and the latest OS updates.
Spoofing Attacks. Knowing a website visited often lets spoofers create a closely identical copy of the same website. As far as you know, it’s the same exact site. You have no hesitation entering passwords and other kinds of information on the site, especially if you make a purchase. Stick to the real deal by typing the URL directly into the address bar yourself. Look for the usual security icons in the left of the URL, and make sure everything is spelled correctly. Beware of invalid certificate warnings and never visit a site with a certificate warning of any type.