Have you ever wondered just how criminals manage to steal people’s passwords?
– tricking someone into clicking on a link in a phishing email
– using the same password stolen from a data breach to attack other websites the user would likely have an account on
– using a number of commonly used passwords against the user account
– attacking a poorly secured website and stealing their password database
– watching someone as they type in their password
– guessing it based on their pets name, children’s names, dates of birth, etc
– recording (sniffing) the password as it is transmitted over the network
– installing a virus which watches what you type and sends it back to the attacker
– plugging a physical keylogging device between your keyboard and the computer
It’s often said that an attacker only has to get it right once to succeed, while the defender has to get it right all of the time.
If you’re interested in getting a free copy of my guide to password security, feel free to drop an email and I will send you on a copy.