If one of the passwords you are using is listed in this article, consider changing it as soon as possible

4 tricks to steal passwords

Along with the Internet boom, cybercriminals find many ways to identify the passwords you use.

A new study from Dojo that looked at more than 6 million of the most hacked passwords discovered a group of passwords with a common formula, length and popularity – they also appear in a large number of attacks. labour.

However, first we need to find out how cybercriminals use to get your password. The most common trick is to use automated tools that run millions of potential passwords every second to find the correct password.

The second trick is to check common words and phrases to try to guess the password. To do this, cybercriminals will scour the target’s social media accounts for details that might appear in the password.

This is followed by sending an email, text or phone call to the target to reveal the password themselves.

And finally infecting the target’s computers and other devices to steal passwords.

What types of passwords are most commonly hacked?

Based on Dojo’s findings, passwords with only lowercase characters are very common and also vulnerable. It took almost no time for cybercriminals to crack a 6-character password, which took 0.12 seconds with 7 characters and took 3 seconds with 8 characters.

Even adding uppercase letters or special characters won’t help much if the password is too short or follows a familiar formula.

Passwords starting with a capital letter with 8 characters have appeared in more than 4.5 million hacks, and passwords ending with a special character have been found in over 3.5 million attempts.

Next is the subject of the password.

Among the topics analyzed by Dojo, nicknames and intimate terms in passwords appeared in more than 1 million attacks. Names of TV characters appear in more than 455,000 times, TV show names appear in more than 365,000 times.

Other commonly attacked topics include color phrases, fashion brands, cities, countries, movies, body parts, car brands, pet names, swear words and characters in video games.

How should I set a password for security?

Based on analysis of hacked passwords, Dojo has compiled a list of do’s and don’ts to put in a password to make it safer and more secure.

Should:

+ Combine lowercase and uppercase letters, numbers and special characters and password length from 8 to 12 characters. The bottom line is that the longer the password, the more time and effort it takes to guess it.

+ Use multi-factor authentication – even if cybercriminals get the password, they won’t be able to log in without multi-factor authentication.

+ If you are concerned that a particular password has been hacked, change it as soon as possible.

+ Creating and remembering a complex password is almost impossible without help. A good password manager will take care of this, and you only need to remember a single master password.

Should not:

+ Do not use any personal information (personal name, date of birth, address, pet name…) in the password. Cybercriminals can discover them through social networks or other sources.

+ Don’t use common words and phrases like 1234 or qwerty. Cybercriminals will usually try to enter these characters first.

+ Do not share your password with others unless you plan to change it later.

+ Do not automatically save passwords to web browsers, especially when other people are using your devices.

+ Do not use the same password for multiple accounts. Cybercriminals will most likely retry compromised passwords in subsequent attacks.