5 Ways Passwords and Other Data Can Be Stolen From Right Under Your Nose

Christian Cawley 27-01-2015

Your password is you. It’s the key to your life. Whether it unlocks your email account, your computer or your smartphone, the password is vital to your online persona, the usernames, website accounts, perhaps banking and credit cards, cloud storage, and even gaming accounts.


If you lose your password to criminals, your entire existence can potentially be rewritten. At best, you can expect to find some mischief conducted on a Twitter or Facebook account, but at worst… well, the risk of identity theft is something that we’ve explained previously, and the warning signs can be spotted 6 Warning Signs Of Digital Identity Theft You Shouldn't Ignore Identity theft isn't too rare of an occurrence these days, yet we often fall into the trap of thinking that it'll always happen to "someone else". Don't ignore the warning signs. Read More  if you know what you’re looking for.

You’ll be surprised, perhaps even horrified, at just how easily your password and other data can be stolen.

1. You’re Using A Rubbish Password

Passwords are tough to get right. It’s easy enough to think of one; but if it’s easy for you then there is a good chance that it is easy for someone else too – especially if they know enough about you.


Even if they don’t, tools exist that can make the task of guessing a password simple by using the “brute force” approach of generating hundreds, even thousands, of passwords a minute to find the right combination.


While no password can be 100% secure, we can at least ensure that our secret codes remain difficult to guess by employing techniques to create a secure password that you can remember 6 Tips For Creating An Unbreakable Password That You Can Remember If your passwords are not unique and unbreakable, you might as well open the front door and invite the robbers in for lunch. Read More .

2. Hardware Devices Are Sniffing Out Your Keystrokes

How secure your data and passwords remain, however, depend upon the determination of the person attempting to hack you. If they really want your data, they’ll probably get it.

One method is by using keyloggers, software or hardware tools that can be connected to a computer or placed nearby that will detect every keystroke, each letter, number or character that you type. As long as you have a good anti-virus/anti-malware solution installed on your computer, a software keylogger should be detected and removed without any trouble.

Traditionally, hardware keyloggers were placed between the keyboard connector and the socket on the back of your PC (AT/XT, PS/2 or USB), out of sight. These days, however, the threat comes from a completely new source, sniffers that detect keystrokes sent wirelessly. Such an example is this USB charger that detects keystokes transmitted from keyboard to PC wirelessly from Microsoft-manufactured keyboards, called KeySweeper.


Designed to exploit a weakness in Microsoft’s wireless keyboards, it is actually a surprise it has taken so long for anyone to exploit the vulnerability commercially – it’s been known about for quite a while.

Protecting against the KeySweepter is simple. Buy a new, non-Microsoft keyboard – preferably Bluetooth.

3. You Give Your Password Away Voluntarily

Perhaps the most frightening way in which your data can be stolen is when you share your password voluntarily, having been fooled by a supposedly trustworthy website or email.



Phishing is the name of the technique used to part you from your personal information What Exactly Is Phishing & What Techniques Are Scammers Using? I’ve never been a fan of fishing, myself. This is mostly because of an early expedition where my cousin managed to catch two fish while I caught zip. Similar to real-life fishing, phishing scams aren’t... Read More , passwords, name, date of birth, etc., and it is a popular tool for scammers. Over the years they have refined their craft. Changes in technology don’t necessarily mean things are more secure – for phishers, they just need to become more sophisticated, using modern and refined methods to get results.

Not only should you be on the lookout for suspicious emails, however, you should also be aware that Android apps can be used to steal your passwords Stealing Passwords With An Android App Is Easy: Learn How To Protect Yourself You read that headline right: If you and I were on the same WiFi network, I could probably log in to some of your sensitive accounts — and I'm not even a hacker. This is... Read More .

4. Your Phone Is Leaking Personal Data Everywhere You Go

While the 1s and 0s aren’t exactly spilling out of your USB port, there is a strong chance that the presence of NFC on your phone can enable hackers to upload malware How Does a Drive-By NFC Hack Work? What is NFC, why is it on your phone, and does it present a security risk? Here's everything you need to know. Read More  from their own devices. Near-field communication is inherently insecure, relying on trust between device owners. The problem is that it can work without the devices touching.



Of course, you might find yourself accidentally bumping into people – or them to you – out in the street. The risk here should be obvious. With malware installed on your phone, the attacker can begin downloading personal information, or install a keylogger and have everything you enter (or even say) uploaded to them.

The best way to stop this is to disable NFC, but if you really must have it activated, make sure you’re wearing the right clothes Amazing Attire That Protects Your Privacy & Security When You're Out Personal digital privacy and security get more complex all the time, but now there's a new way to protect yourself. If you're concerned about pervasive suveillance and RFID hacks, these clothes can help. Read More .

5. You Left Your Smartphone, Tablet Or Laptop Unattended

No doubt the most obvious way to stop your data being stolen is to ensure your hardware is kept well away from the thieves. For computers, copying data from a stolen device can be simple even if it is password protected thanks to live Linux distributions that can read the HDD unless it is encrypted.

Along with taking reasonable steps to secure your portables with passwords What You Really Need To Know About Smartphone Security Read More , we recommend taking steps to protect smartphones from theft Don’t Be A Victim: Practical Tips To Protect Your Smartphone From Theft Considering the cost of a new smartphone, most of us are extremely casual about how we treat them. But keeping tabs on your smartphone isn’t difficult. Keeping it safe from the possibility of theft is... Read More , perhaps even employing “uglification” to make a high end device look unattractive The Art of Stopping Phone Thieves With Uglification Smartphone theft worldwide reached epidemic proportions in 2013, prompting manufacturers, like Samsung, to announce plans to create a device kill-switch. The kill-switch design will turn stolen phones into lifeless hunks of glass and plastic. Can... Read More .


For desktop computers and other home office equipment, meanwhile, secure your hardware with locks and alarmed cases How to Stop Your Entire Desktop PC or Home Office From Being Stolen Laptops are obvious targets for thieves, but is your desktop PC secure? Here's how to physically secure a desktop computer. Read More that will frustrate and deter anyone trying to get hold of your data.

Security tools such as the cross-platform Prey can be installed on your hardware to enable tracking in the event that it is stolen Use Prey & Never Lose Your Laptop Or Phone Again [Cross-Platform] Here’s the thing about mobile and portable devices: since they aren't tethered to anything, it’s almost too easy to lose them or, worse, have them stolen from right under your nose. I mean, if you... Read More . Should this occur, you can usually protect your data by initiating a remote wipe of the device storage. However on Android this doesn’t always help as data recovery tools can be used to find the deleted information, so it is a good idea to make sure your phone storage is encrypted Can Android Data Be Recovered After a Factory Reset? Can data be retrieved after factory reset on your phone? Here's how to perform a factory reset on Android, plus common answers. Read More  (also applies to iPhone). This may slow things down a little, but this is a small price to pay.

Digital cameras also store personal data – in the form of potentially valuable photos – and while it is tough to track them down, it is possible thanks to the Lenstag security service Stop! Thief! Prevent Your Camera Being Stolen With Lenstag Read More that uses EXIF metadata to reunite people with their hardware.

It’s time to stop giving the scammers an easy ride, and make your data safe. Follow these tips, and keep your digital life in your own hands. If you have any suggestions of your own to add, please share them below.

Image Credits: Woman nose Via Shutterstock, Password Combination via Shutterstock, Phishing via Shutterstock, NFC via Shutterstock, Theft via Shutterstock

Related topics: Online Security, Password, Phishing.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Mike
    December 17, 2015 at 11:33 pm

    I don't understand why password fields cannot be programmed for a short delay between password attempts.At least that way,you defeat brute force attackers.

  2. Charles
    February 24, 2015 at 2:52 pm

    KeyStrokeEncryption will lock down your KeyStrokes at the kernel level along with 2 factor authentication will Lock down your data at it's source of origin. For more info see Cyber Security for Parents . com There are many endpoints to cover in your defence of your web properties and social media platforms.

    • Christian Cawley
      February 24, 2015 at 3:31 pm

      Thanks Charles, we'll check that out.

  3. zulqarnain
    January 30, 2015 at 6:33 pm


  4. Stevie
    January 29, 2015 at 8:55 am

    What is NFC?

    • Leah
      January 29, 2015 at 6:53 pm

      Near Field Communication

  5. giampaolo44
    January 28, 2015 at 9:52 pm

    Use double factor authentication; probably a good idea is to use a vault service for creating and storing passwords (example: Lastpass); get a One Time Password device like Youbico's Yubikey.