It’s easy for millions of passwords to be stolen via hacking into Facebook, Twitter and Gmail accounts, I’m always preaching to people. I’m an analyst for online security.
Malware can be unknowingly downloaded into computers that extracted log-in information. The data is then directed to the hacker’s server. That’s one way your password can be attacked by a hacker.
A password is never 100 percent secure, but instead, more or less secure than others. Passwords can be hacked into in many ways:
Cracking security questions. It seems that most people use easily-traceable names for their secret question when registering a password, such as names of family members and schools they attended. This information is often on their social media profiles and, with a bit of legwork, can be figured out. Often, passwords include these names as well.
Simple passwords. The passwords of 123456, abc123, 11111, etc., are easy to type out and are also among the most common, and thus easily figured out. “Princess” and “querty” are also commonly used words.
Using the same passwords for different sites. One-third of data-breach victims in a recent attack had been reusing passwords. Password reuse for social media, banking and e-mail opens the gate to identity theft.
Dictionary attacks. Software exists that will run any word that’s found in a dictionary (or commonly misspelled words) into the password field. If you use these words, the software will eventually score a hit.
Social engineering. This is when a thief tricks a user into revealing a password (often by sending an “urgent” e-mail informing the user to visit a site where he “must” type in his password).
There is still hope that one day a way to design a 100 percent secure password will be developed, perhaps through a fusion of biometrics, multi-factor authentication and image-based access.
What can you do in the meantime to help prevent your password from getting hacked?
- Use non-traceable words for passwords and answers to secret questions.
- Avoid using passwords that flow easily off your fingertips like 67890, asdfg, etc.
- Never reuse passwords. Passwords for all accounts should be very different from each other.
- Invent names for your passwords that can’t be found anywhere. Avoid phonetic variations of common words or proper names. Don’t use backwards-spelled words.
- Make sure nobody can see you enter your password.
- Always log off if other people are nearby no matter how briefly you’ll be away.
- Use up-to-date comprehensive security software.
- Never use your password on a public computer, as this increases the odds of it getting hacked.