Pinterest Stumbleupon Whatsapp

hack passwords When you think of a serious security threat, you may think of some clever malicious program that steals your data or takes over computer. In reality, you’re just as (if not more) likely to be hit by a much simpler breach – a hacked password.

Once someone has your password for an online account, they can use it however they like. There are a number of methods commonly used to obtain a password, and knowing them can help you protect yourself.

Trying Common Passwords

hack passwords

Any hacker trying to break through a password will first try the most common passwords in the book. Silly though it may seem, a disturbingly large number of people rely on passwords that consist of just a few common numbers of letters. Even the word “password” is commonly used as a password.

Hackers know this, and can reference common passwords to try and gain entry. Though it won’t work on most passwords, it works frequently enough to be worth a try. If successful, the hacker can lean back and sip his Mountain Dew.

How to Protect Yourself: This one is simple. Don’t use common passwords. This includes single words, popular phrases, and simple combinations of a particular character type (like numbers). Even passwords like “superman” and “dragon” are common enough to earn mention in some studies of commonly used passwords.


Social Engineering

how to hack passwords

If commonly used passwords don’t work, and a hacker knows the owner of the password they’re trying to bypass, social networking can be used to try and figure out what the password might be.

Hackers know that people who don’t use common passwords are still likely to use passwords that have some personal significance. The password might be the name of a pet or a favorite TV show. Such information is often included on social networking profile.

Should trying this tactic still not work, the information available on a social network can be used to construct phishing attacks. Perhaps the target lists that they play a popular online game. A fake email could then be sent asking for password information or linking to a site where password information must be entered.

How to Protect Yourself: There are two steps you can take here. One is to make your social network private 10 Solid Tips to Safeguard Your Facebook Privacy 10 Solid Tips to Safeguard Your Facebook Privacy Read More to people who are not your friends, and the second is to make sure that you don’t use information about your personal life to form a password.

The Weakest Link

how to hack passwords

Should a hacker still fail to guess a password, they’ll have to start breaking out some true hacking skill – but perhaps not much. Most people use the same password on multiple sites, and many use just one password for everything. Hackers know this, and they also know that many sites have weak security.

Using the information found while reviewing your social networking profiles, a hacker may be able to identify sites you visit. Some are sure to be heavily guarded. Others, however, probably aren’t. They may be vulnerable to simple exploits that allow for the retrieval of stored passwords, and the owners may never even realize they were hacked. Alternatively, a brute force attack might be used.

How to Protect Yourself: Don’t use a single password for every website. Ideally you should use a different password for every site, but that can be difficult. A compromise you might find effective is to use the same password for low security risks, like a blog you visit and comment on, but use unique passwords to protect more important accounts, like your web mail. Yet another option is to use a password manager Password Manager Battle Royale: Who Will End Up On Top? Password Manager Battle Royale: Who Will End Up On Top? Read More .

Sniffing Wi-Fi Packets

how to hack passwords

Open wireless networks can be a nasty security issue because they are – well – open. Information transmitted on them can be picked up by anyone within range of the network, and that includes passwords.

Wi-Fi sniffing can be utilized either personally or impersonally. If someone is trying to hack your passwords specifically, they might see if you frequently visit a place with open Wi-Fi, like a coffee shop. Or a hacker might just set up an operation in such a location and pick up as many passwords as possible.

How to Protect Yourself: One answer is to just not use open Wi-Fi, but that’s not a realistic expectation for everyone. If you do use open Wi-Fi, make sure that you do not log in to sensitive accounts. If you have varied your passwords, you’ll be safe if a hacker obtains your less sensitive passwords. Also use HTTPS whenever possible. Many sites can use it, but some offer it only as an option.


hack passwords

Like sniffing Wi-Fi, keylogging 4 Ways To Protect Yourself Against Keyloggers 4 Ways To Protect Yourself Against Keyloggers Keyloggers are one of the most well known and feared security threats on computers today. There are many ways to protect against keyloggers, however, and ensure that you don't become a victim of identify theft... Read More can be used personally or impersonally. Using information gained about you while attempting to guess your password, a hacker might find a way to send you a file that you think is legitimate but actually contains a keylogger. Once installed, it can detect your passwords as you enter them.

A keylogger can also be installed as a part of any piece of malware to hack passwords. The information can then be transmitted to a location where it is compiled and passwords found. Such wide-scale keylogging attacks don’t focus on any particular person, but can be just as damaging.

How to Protect Yourself: Security software can help detect keyloggers and prevent them from being installed on your system. You can find effective solutions for free, so there’s no reason to skip it.


Do you have any tips that can help beef up password security? Let us know in the comments. Makeuseof readers are likely to be a bit more security-aware than the average, but nobody is perfect. Sharing information can help us keep our passwords as strong as possible.

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Mor
    September 2, 2017 at 8:20 am

    Well im actualy someone to try to hack someone who i hate lol... this kinda helped

  2. qwame
    May 31, 2016 at 12:00 am

    my uncle used to work for a private cyber-security firm about ten years ago, sometimes he hacks us just for fun, smh

    • saurav
      June 1, 2016 at 9:24 pm

      can we meet somewhere else on internet?

    • Byul 08
      October 15, 2016 at 6:48 pm

      Can you ask him how he do it??

    March 14, 2016 at 1:48 am


  4. Alaina
    February 23, 2016 at 2:43 am

    Or just dont hack pll

  5. Jeff Fabish
    December 21, 2011 at 1:27 am

    Good article, Matt!

    On open WiFi hotspots, you can also use a vpn to encrypt your traffic.

    Blackhats may use 'password lists' or 'dictionaries' which contain passwords that hackers have had success with. Anyone can download these lists (they can be quite large), I suggest everyone does so, then compare the password that they are using to that list. If it's on that list, your password is vulnerable to this attack. There are several tools that will run your password through this check.  

    I can't stress enough how important it is to limit the information you expose on your profile. Simple things like when someone you don't know messages you asking you what time it is. Sounds innocent enough, right? Well that can be used to pinpoint your location via your time zone. Remove 'friends' you don't speak with and applications you don't use.

    The easiest method to get someones password is by using a trojan. People are still too trusting when it comes to opening & running applications. Only download applications from websites you trust and scan all the files you download with your local anti-virus/anti-malware along with an online scanner, such as Virus Total or Jotti. If you run Windows default configuration, showing file extensions for known file-types is disabled. What this means for you is that Windows will show a file as being "Image.jpg" (not an executable) when in reality it may be "Image.jpg.exe" (executable).

  6. Matthew Ashman
    December 20, 2011 at 5:57 pm

    Regarding keylogging, a good ploy is to type your password into a new plain text file (using Notepad/GEdit/Kate/whatever) when you start your session, then copy+paste each time you need it, and obviously not save the file when you exit your session...

    • Jeff Fabish
      December 21, 2011 at 1:09 am

      Either way, it will have been typed and the keylogger will have recorded it. More over, most keyloggers have a peak-clipboard ability, where it can view whats in the clipboard. 

    • Garfield Barnes
      September 20, 2016 at 3:17 pm

      Another good tip is to use an on-screen keyboard, therfore the keylogger will only detect you left-clicking on your trackpad/mouse. Easy bypass, i do this all the time

  7. Sheila Warner
    December 20, 2011 at 4:54 pm

    Always check for password strength before using them for your accounts. A combination of upper case, lower case letters including numbers and special characters is a must. other than that, use an anti-logger, personal keyscrambler and a browser protection plugin that prevents hijacking.

    • Jeff Fabish
      December 21, 2011 at 1:16 am

      Keyscrambler is a good utility, but highly fallible. KeyScrambler works by using a driver-intercept on the Windows kernel to encrypt keypresses just after the TranslateMessage() function is called. TranslateMessage is responsible for taking peripheral device input and assigning it an ID so that Windows knows what key the user pressed. If malware manipulates the message, keyscrambler is completely useless. 64 Bit Windows users are immune to this attack, as it doesn't allow the Windows kernel to be patched.

      Likely? Not unless the programmer had a detailed understanding of Win32 programming, which most don't. Most keyloggers are downloaded from underground forums, modified slightly (to offset anti-virus signatures) and binded to a trusted application. 

      You can detect a binded application several ways, the easiest of which is to download the software directly from the authors site and compare the file's hash with the original. If they don't match, something was modified.

    • Aaron Baker
      December 18, 2016 at 9:57 pm

      Actually, mixing character types is fairly minor. Password strength (against brute force hacking) is based on the number of characters available to the power of the length of the password. A length 15 password with only upper and lower case letters is 5.5 times 10^25 possibilities. A length 12 password with special characters and numbers is 1.9*10^22 possibilities. Length, not extra characters, is what makes a password more secure. Also a letters only password is easier to remember and harder for a keylogger to realize as a password. DoraIsMyExplorer is more secure than ANY 12 digit password. But don't take my word for it:
      Oh, and just to rub it in, 1.38 (72/52) times as many possible characters only makes your password 1.38^length more difficult to hack, so for a 12 digit password, 47 times as hard, or less improvement than adding 1!!! letter to a all letters password!