These are the methods most used by criminals to crack passwords.

Passwords are one of people’s top security concerns. Many end up opting for words that are easy to remember, while others end up creating complex sequences of character combinations, but in general the harder the password, the more protected the account will be.

      Former cybercriminal gives tips for companies to protect themselves from ransomware
    • actions that you usually do and are dangerous for your digital security
    • Brazil registers , 2 billion cyber-attack attempts in the 1st semester

    In recent years, with the increase in cybercrime, a collective effort to get people to use stronger passwords began to be made, as accounts with weak passwords, such as the name of a pet, began to be increasingly seen as weak, making life easier for intruders.

    It is essential that people use strong passwords since, with the constant digitization of the world, a digital account in any s Service can contain a lot of sensitive data that, in the hands of criminals, can do enormous damage. So, to better prepare, it’s good to know some of the methods that attackers use to discover credentials.

    Want to catch up on the best tech news of the day? Go and subscribe to our new channel on youtube, Canaltech News.

    Every day a summary of the main news in the tech world for you!

    Invasion methods

Intruders use several methods to gain access to accounts for various services. A two-factor authentication can provide more protection and, in the event of a data leak, prevents criminals from accessing services from the password, with another layer of protection being required.

Check it out below are 6 of the most common methods that attackers use to discover user passwords over the internet. of leaked information: The simplest method, in a way. Criminals buy access to thousands of credentials made available by data leaks and then make bots keep testing all the information on websites until they gain access to an account. It differs from trying to force entry by guessing by entering random passwords until one enters, as what the bot is using as a credential is leaked information;

  • Bots trying to figure out the password

    : This method consists of intruders using bots that keep entering random combinations of characters to try to figure out a password. This approach is often used when criminals already have the email registered on the account. When bots identify a string that has managed to access the service, they send an alert to criminals;

  • Phishing: Phishing is one of the oldest scams on the internet, and yet it remains one of the most victimized. In this crime, criminals send messages to the victim impersonating a trusted institution, asking to access the link in the email. When users click, a page similar to the legitimate one appears, asking for credentials. The user believes, types, and has their data stolen.

  • Use of “Keyloggers”: This method happens when a computer is infected with a virus called “Keylogger”, which records every keystroke and makes them available to an attacker. Although in the description it seems extremely dangerous, it is one of the simplest to be solved, with a multi-factor authentication being enough for the password to no longer be the only credential necessary for the login;

  • Network Data Analysis

    : With certain malware, criminals are able to intercept and evaluate data packets sent over a network and identify passwords sent. In addition to viruses, devices that can be installed on routers can also allow this access;

  • Physical theft: Do you write your credentials in notebooks so you don’t forget? If one day your house is broken into, be careful, as a thief can understand that they are passwords and steal your notes. In general, it is recommended that you never write down passwords on objects that can be physically stolen. Often times a document in Google Drive with a password can be more secure than a notebook or external hard drive.

  • Are you worried about the strength of the your password? Google has a number of tips for creating strong credentials, some of which are listed below:

    • Use a different password for each important account;
    • use long passwords;
    • Do not use things that people close to you can guess as passwords ;
    • Do not use personal information, such as the children’s last name or name;
    • Do not use words and common patterns such as “password123” or “myname2134”.

    If you want to dig deeper and really understand how to create a strong password,


    has a complete guide on the subject. It is available here.

    Source: PCMag, ITPro UK, Google Blog

    Did you like this article?

    Subscribe your email on Canaltech to receive daily updates with the latest news from the world of technology.

    2134 2134


    Related Articles

    Back to top button