Trying common passwords
The first thing a hacker tries when trying to snoop into your personal accounts is 'trying random common passwords'. It may sound silly but most average internet users still use passwords that consists of few letters. Although, trying common passwords are not always a hit, but they're worth trying and if it the hacker makes a hit, he'll just probably sit back and pop a little whiskey.
Using repeated passwords
Should a hacker still fail to guess a password, they’ll have
to start breaking out some true hacking skill – but perhaps not much. Most
people use the same password on multiple sites, and many use just one password
for everything. Hackers know this, and they also know that many sites have weak
security.
Using the information found while reviewing your social
networking profiles, a hacker may be able to identify sites you visit. Some are
sure to be heavily guarded, e.g Facebook, Twitter, Instagram. However, in a technical sense, nothing is really guarded in the cyber world. If Yahoo and other Top IT companies can be hacked, then real internet security is just a mere dream. So if the hacker visits a low guarded site, he extracts your account information from the site and unluckily for you, you happen to share the same account login information with the site the hacker;s trying to get in, thats an easy way of saying "You have been hacked".
Phishing
This is the one of the most commonly used tools by cyber-crimetivists. It is the most commonly used method because it actually depends on how the hacker tricks an unsuspecting internet user to follow up on a link and input login details into the site. This login details is now stored on the server, and the hacker can access later on and input on the desired website. Common examples are fake facebook login pages.
 |
| Fake Facebook login page. |
Keylogger attack
This hacking tool is very similar to Phishing and is
generally spread through malware infection. The victim is usually trapped into
installing a keylogger on his/her PC/Laptop by clicking on an attachment is
sent to victim email. The moment you download the attachment, it scans through
your browser. Once installed, the keylogger records all your Internet activity
which is than relayed back to the command and control servers.
BruteForce attack
Brute force is about overpowering the computer’s defenses
by using repetition. Brute force attack is a random trial and error method
hack repeated till the password is finally cracked, However some websites or companies have a trial limit. For example, If a user inputs a wrong password more than 3 times, the system automtically locks out the user for a specific period of time; thereby, reducing the probability of hackers gaining something out of bruteforcing. Hackers randomly keep applying
names and numbers to crack password through this pattern. Sometimes, a lot of
guesswork is also used to decode password. Arithmetic numbers, birth date,
pet’s name, favourite actor’s name are the password that users commonly use.
Rainbow table
This method requires a good knowledge of computers and
coding.Rainbow Tables are basically huge sets of precomputed tables filled with
hash values that are pre-matched to possible plaintext passwords. The Rainbow
Tables essentially allow hackers to reverse the hashing function to determine
what the plaintext password might be. It’s possible for two different passwords
to result in the same hash so it’s not important to find out what the original
password was, just as long as it has the same hash. The plaintext password may
not even be the same password that was created by the user, but as long as the
hash is matched, then it doesn’t matter what the original password was.
This allow for passwords to be cracked in a very short amount of time
compared with brute-force methods, however, the trade-off is that it takes a
lot of storage (sometimes Terabytes) to hold the Rainbow Tables themselves,
Storage these days is plentiful and cheap so this is not a big issue for
hackers.
What do you think you can do to secure your passwords? Kindly leave your comments in the comment section.Thanks for reading!
Advertisement
