How Did They Steal Your Password?

So, the worst has happened and one of your accounts got hacked. But how did the hackers get your password? Well, there are several possibilities.

Your Password Was Too Simple

There’s a reason many sites require passwords of a certain length. If your password is too short or simple, it’s easy for someone breaking into your account to use password cracking software to make lots and lots of guesses until they guess correctly.

You Used Publicly Available Information as Your Password

If you use information like the name of your hometown or the name of your pet as a password, it’s easy for people to research that information and make a smart guess.

You Used Publicly Available Information as Your Secret Question

Some accounts have so-called secret questions they ask you if you’re trying to reset your password. If the questions and answers you select are things that can be easily researched, then a hacker can break into your account without your password by getting the secret questions right and then changing your password.

You Wrote Your Password Down

An embarrassing number of people, including business leaders, have had accounts compromised because they wrote down their password information on a sticky note attached to their monitor. Or maybe you had your password written down on a document in your laptop . . . which just got lifted out of your car.

You Didn’t Change Your Password After Losing a Device

Speaking of stolen laptops, chances are, you’re logged into a number of accounts on your laptop (or smartphone, tablet, or whatever) right now. If a device gets stolen and you don’t change your passwords immediately, it’s easy to have your accounts stolen as well.

You Used Public Wi-Fi

Using public Wi-Fi comes with some big risks. It’s very easy for malicious users to do something called a man-in-the-middle attack with public Wi-Fi. Basically, they put themselves between the public Wi-Fi and your device, so when you do something like use your login credentials on a site while connected to public Wi-Fi, they collect your information. Be very careful when connecting with public Wi-Fi.

We understand. The average person has a few dozen passwords and it’s hard to remember them all. But if you reuse passwords, then a thief only has to obtain one password to get access to multiple accounts. And that’s very easy to do. Say you have an account with a cable company that suffers a breach. Cybercriminals might have your account information from said breach. If the password for your cable company account is the same as, say, your Amazon account or your PayPal account, the cybercriminals will be able to access those as well.

You Didn’t Change Your Password After a Breach

Speaking of breaches, they aren’t uncommon. Most companies have the good sense to encrypt usernames and passwords, but sometimes they don’t. If you read about a site or service you use suffering a breach, change your password with them ASAP.

A Keylogger Recorded Your Login Credentials

A keylogger is a type of malicious software that records every key you type. The best defence against keyloggers and other types of malware is good antivirus software.

The Bottom Line

There are many ways you can prevent password theft. Create simple but effective passwords. Use two-factor authentication. And if you have too many accounts, consider a password manager and ensure that your accounts are simplified and organized.