To create a secure password that is impossible to crack we need to know the techniques used by hackers to steal them from us, here are the most used
When we need to protect one of our online accounts we almost always use a password to do so. Most of the time we try to avoid the most trivial mistakes and we are convinced that we have created an effective access code. To improve our cyber security, however, we need to study the techniques used by hackers.
There are basically seven different techniques that cyber criminals use to discover our online credentials. The first ploy of the hackers is called "Dictionary". This is a small file containing all of the world's most common passwords. It is called a dictionary because it often consists of letters or numbers all in a row. In fact, many simple passwords are created this way: 1234; qwerty, abcdefg, and so on. Protecting yourself from this hacker technique is very easy, just create a complex, alphanumeric password. It's better if it's a passphrase, that is, an access code composed of numbers, letters, and symbols that don't make sense.
Brute force
In addition to exploiting our laziness, hackers also use brute force. In this case, cyber criminals use more complex software that will try to guess our password, even if it consists of numbers and letters. It is a time-consuming technique, and if the hacker doesn't find the answer in a few minutes, he changes accounts. It is therefore advisable to create a complex password so as not to be discovered by the malicious software in a short time.
Phishing Techniques
One of the most devious and effective techniques used by cyber criminals to steal our credentials are phishing attacks.
These are emails sent by hackers who direct users to a fake site, convinced that it is the right one, where they enter the login credentials. At this point, it's child's play for a hacker to get the password. Phishing attacks can be found everywhere on the Net. On messaging apps, social media, websites and especially via email. To defend ourselves, we must always verify the URL and should never click on a link unless we are sure of the source.
Social Engineering Techniques
Social engineering techniques are very similar to phishing attacks. They are a series of deceptions that hackers carry out on online users to get them to enter confidential information where they shouldn't. To defend ourselves we must never take anything for granted on the Net. Sometimes even behind the message of a colleague or a friend can hide a hacker.
Rainbow tables
This is a technique used by the more experienced hackers. It involves buying on the dark web or stealing a series of encrypted accounts on the network. Using certain algorithms cyber criminals manage to find out, at least in part, our credentials by eliminating the protection of encryption. Rainbow tables is a very complex file that allows the hacker to test the part of password that he managed to decipher with all possible combinations.
Keylogger
We have already mentioned keyloggers. These are special computer viruses that record the buttons we press on our keyboard to steal any information we enter on the PC. They are usually installed on computers when we download a malicious document or a compromised attachment. That's why the advice to defend yourself against this malware is always to avoid downloading from untrustworthy sites and to avoid opening attachments in your inbox lightly.
Spidering
This is a technique used by hackers both for private users and for companies and SMEs. It involves trying to guess the password using networks of meaning, almost always given by proximity, to the user. In simple words if our company is in via Rossi in Milan. The hacker will try viarossi, or Milan. But if we build tires he will try also that word and all the others linked, for assonance, to our company or to our account. On the net there are some particular softwares, called spider, that are able to make a list of terms that could be passwords starting from some keywords inserted by the criminal.