I have spoken a lot about creating strong passwords. While I mostly talk about security related to WordPress blogs, these apply to any website you login to. No matter how many times I talk about secure passwords, users still create simple passwords that the hackers have no trouble breaking. So, let’s see how a hacker determines your password. If you understand this, you will see the importance of picking a strong password.
Even when a user doesn’t pick an easy password like ‘password’ or ‘123456’ they can find that they have still been hacked. That’s because hackers have gotten very smart at cracking passwords.
- Variations – The programs these hackers use allow them to try many variations. So simply placing a number or character at the end of your password will not make it any securer.
- Tricks – Hackers know most of the same tricks you do for coming up with a password. They know that a person replaces certain letters with numbers or symbols. They know that a person replaces phrases, words or quotes. If you read about a trick to make your password stronger, remember the hackers likely also read about it and so will implement it in their hacking schemes.
- Predictable – You may think your password is random, but it likely isn’t. People are much more predictable than you might think, and the hackers will take advantage of that. If you think choosing a phrase from the Bible, is safe think again. If you think a phrase from a literature piece is safe, you’d be wrong. Hackers use dictionaries to find words that can be used as passwords, but they also use tools like YouTube, or Wikipedia, to name just a couple, to discover the most common quotes and phrases, to learn what slang is currently popular, and even to find words that have been made up online.
- Password Breaches – Whenever hackers explore a volume of password data, they are able to get a better understanding of just how people arrive at their passwords that goes far beyond common words and phrases.
- Brute Force – There is no question that often hackers will rely on what are called brute force technique, which will run through millions of password combinations in short periods of time. Hackers can use these tools offline so using login limiters is of no benefit in these situations.
Hopefully, you have a better understanding of how hackers figure out your password. And hopefully, this will encourage you to create a stronger passwords.