SECURE YOUR PASSWORDS

A secured password is one of the most straight forward ways to protect your account from a breach. The longer the password is and the more unique the characters included are, the harder it will be for a hacker to crack. This means you should avoid using commonly used words and phrases or words that can be found in the dictionary-instead, use things like numbers and special characters to diversify your password. When possible, utilize Multi-Factor Authentication (MFA). The more complicated the password is, the more secure your account will be. Keep in mind that your account contains a lot of sensitive information that you don't want to be exposed. As you can see, the stakes are high!

HOW BAD ACTORS STEAL PASSWORDS

When the word 'bad actor' is used in cybersecurity, it usually refers to cybercriminals - black hat hackers who do what they do for monetary gain. They may utilize malware, ransomware, or communications intercept. But whatever they do, it is to profit themselves. Malware is a frequent method of obtaining your passwords. Phishing emails are a common vector for this type of attack, but you could also be a victim by clicking on a malicious online advertisement (malvertising) or visiting a hacked website (drive-by-download). According to security experts, the Trojan Horse virus can also harvest credentials for dial-up Internet services from end-user computers. Infected individuals should update any passwords that may have been compromised, according to the experts.

HERE ARE A FEW TOOLS BAD ACTORS USE TO CRACK YOUR PASSWORD:

  • Phishing attack

    • Phishing is a form of cyber-attack where hackers try to deceive us into handing them sensitive data or clicking on malicious links through emails or other means of contact. This can be done by impersonating a trusted sender, such as a company or bank, and send an email that looks legitimate, but it contains a link that leads to a malicious website. Once weclicks on the link, they may be asked to enter personal information or login credentials, which the attacker can then use to gain access.

  • Password spraying & credentials stuffing

    • The main difference between password spraying and credentials stuffing is that in password spraying, the attacker uses a list of most used passwords to try and log in to multiple accounts, whereas in credentials stuffing, the attacker uses stolen usernames and passwords to gain access to multiple accounts.

  • Keylogging

    • Keyloggers are software programs which monitor your activities and provide hackers with access to your personal information. The passwords as well as credit card numbers you input as well as the websites you visit are all recorded by tracking your keyboard strokes. This software is installed on your computer but also captures every keystroke you make.

THE HISTORY BEHIND KEYLOGGING

Keyloggers were utilized in typewriters as early as the 1970s, predating the advent of PCs. A cybersecurity firm recently uncovered laptop audio drivers which monitor keystrokes inside the background. The problem was swiftly resolved, and the maker guaranteed the public that somehow a debugging feature had been inadvertently turned on with no keystroke data being shared to anyone. Another notable case from 2015 was indeed the discovery of a keylogger buried in a game hack for the popular game Grand Theft Auto (GTA).

Publicly accessible computers in communal places like libraries become particularly attractive targets for bad actors which utilize keyloggers. In 2014, it was discovered that a group of people put hardware keyloggers in hotels in Dallas, TX area. The Department of Homeland Security issued a warning to hotel businesses about keyloggers.

  • Brute Force

    • A brute force attack is a cracking method that criminals perform to decrypt your passwords in plain text in order to gain unauthorized access. Criminals also use some methods such as phishing, malware, data breaches, and others to perform brute force attack.
    Whenever your password is weak, attackers can crack it in less than 30 seconds.

A CHART TO SHOW HOW BAD ACTORS CRACK YOUR PASSWORDS

Number of digits of a password Uppercase + Lowercase letters Time taken to crack
5 YES 30 SECONDS
6 YES 11 HOURS
8 YES 10 YEARS
9 YES 1000 YEARS
  • Extortion Attack

    • Extortion typically entails a threat to the victim's person or property as well as to their family or friends. Extortion often involves the fear of violence or material destruction, but it can also include reputational loss. Cyber extortion is the act of cyber-criminals demanding payment by threatening to use hostile activities against a victim such as Denial of Service (DoS) attack.

    Hackers won't be able to access your account if you change your password. At the first sign of an assault, changing your account password limits the harm. Changing your password on a frequent basis might also help to increase security. Credentials stolen in data breaches are frequently old. Criminals who enter into computer networks with evil intent are known as black hat hackers. They may also distribute malware that deletes files, enslaves machines, or steals passwords, credit card numbers, and other sensitive information. In order to gain access to your internet credentials, a hacker will try to resemble trustworthy parties such as huge tech organizations (Microsoft), your bank, or even your loved ones. They'll try to manipulate your emotions and instill a sense of urgency in you. They'll even call you up on occasion! Email phishing is a typical method of phishing.

MOST USED PASSWORDS – DON’T USE THESE!

  • 123456
  • Picture1
  • 1234564789
  • Password
  • 111111
  • 123123
  • Senha
  • Qwerty
  • Abc123
  • 12345678
  • Million2
  • 12345678
  • Qwertyuiop
  • 123456a
  • Priya123
  • Rahul12345
  • Chatbooks
  • Princess
  • Iamdevil
  • Dragon
  • Pokemon
  • Superman
  • Bangbang
  • Monkey
  • Lovely
  • Asdfgh
  • Michael
  • Love123
  • Password1
  • Unknown
  • 000000
  • Default
  • Iloveyou
  • Aaaaaa
  • Passw0rd1
  • Secret555

KEEP IN MIND THAT YOUR PASSWORDS REVEAL EVERYTHING ABOUT YOU

PASSWORDS TIPS AND MANAGING:

  • Utilize a Password Manager such as LastPass, KeePass, RoboForm and 1Password to generate ultra-secure passwords for you. It also saves you from having to remember a bunch of different passwords or using the same one for multiple accounts.
  • Don’t store passwords in clear-text on your Operating System (OS) or sticky notes.
  • Avoid using items that can be associated with you.
  • Use Multi-Factor Authentication (MFA), a secure password is essential to securing your data from potential hackers, but what if your password is compromised? In order for the hacker to access your data, you not only need a secure password but Multi-Factor Authentication (MFA). This means that you need more than just password to access your accounts.

Copyright © 2025 | CYBERSECURITY | All Rights Reserved