You may notice it seems like you are constantly bombarded with reminders about changing your password. These annoying notifications always tell you to use ridiculous combinations. They suggest special characters and a random pattern that you can never remember. That’s because the passwords they require are too complicated and change too often.
Over the years I’ve collected best practices from other cybersecurity specialists and will share that advice. After reading this article, you will understand why network administrators enforce certain password requirements. You will also know if changing passwords will make you safer from hackers.
How Do Hackers Get Passwords?
Here’s a list of common ways hackers get passwords. The list is not exhaustive, but it includes some of the most common methods.
- Phishing – Fake websites
- Viruses – Dangerous Downloads and Attachments
- Exploits – Programs have Security Flaws
- Social Engineering – Scammers Deceive People
- Human Error – People make Mistakes
- Corruption – Trusted People Steal
Behind the Scenes
There are many ways that hackers obtain access to passwords. The above list is a good start, but not exhaustive. The first way I will mention is phishing. Hackers create fake websites that pretend to be authentic financial institutions or others requiring a login. Once this trap is set, unsuspecting victims enter their username and password into the fake website, and it is sent directly to the hacker.
Another way your login information may be compromised is by viruses. If you download music, movies, or other programs, they may be fake. Also, e-mail attachments from people you do not know could be a source of the problem. These fake downloads and attachments contain viruses or keyloggers that give the hacker your personal information.
Hackers frequently capitalize on security flaws inside programs. They exploit problems in the internal code. An example is when a hacker enters their own code into a website’s submission box. The programmer never expected this code to be entered and it results in an undesired exposure of information from the website.
Social Engineering is one of the most popular ways hackers gain access to passwords. There are many different tactics but generally, it involves tricking someone into unwittingly giving away their information. This includes e-mails or phone calls from scammers pretending to be someone else.
Like social engineering, Human Error is another factor. You can distinguish between the two because human error may be unprompted. This includes sending an e-mail to the wrong person. The recipient then uses this information for their benefit. Storing passwords improperly, so that they fall into the wrong hands, is also a human error.
Finally, corruption is when a person who is otherwise authorized to access sensitive information, including passwords, uses it improperly. An example would be a bank or motor vehicle employee taking the information available to them. This person then uses the information for their benefit or willingly provides it to someone they know should not have it.
Benefits of Changing Passwords Regularly
You may be wondering why you should keep changing your password if it’s not guaranteed to stop hackers. The first reason is that your information may be on the dark web following a data breach. Following a hack of the dating site Ashley Madison, members’ information was publicly released. You can read more about the Ashley Madison hack in our article.
If your password is out on the internet, changing your password fast is a good idea before someone uses it. The other reason is to prevent the average joe from guessing your password. It’s possible a coworker or former spouse would have access to an old password and only by updating your password would you restrict their access. For these reasons, it’s still a good practice to change your password to secure your account.
What is the Best Way to Stop Hackers?
Avoid falling victim to phishing by not visiting untrusted websites. Double-check that the address of the website you are on starts with “HTTPS”. Especially when making purchases, ensure the name of the website is spelled correctly and ends in “.COM” or it may be a phishing website.
Do not download anything from untrusted sources. Downloads and e-mail attachments are common sources of viruses. Opening or clicking links in e-mails you don’t recognize could put you at risk.
It may be difficult for you to prevent exploits when your information is on a website you don’t control. But keeping your operating system such as Windows up-to-date is a good idea. There are often security updates that make your information less vulnerable.
Social Engineering hacks can be limited by staying updated on common trends. When you know what to avoid you are safer. Please excuse the biased suggestion but exploring our website at FixScam.com for related articles can prove useful.
A healthy level of skepticism is a good idea to prevent corruption. If you are in a situation where you have employees, keep them on a need-to-know basis. It can be helpful to spread information between multiple people so one person does not have full access.
To limit the chances of falling victim to the human errors discussed above, follow the best password practices discussed below.
Password Best Practices
How to keep your Password safe
Keep your Password Safe

| Do | Don't |
|---|---|
| Use a Password Generator | Use Easy to Guess Passwords |
| Save Passwords in a Password Manager | Keep Passwords Written Down |
| Changing Your Password Frequently | Reuse Old Passwords |
| Use Different Password for Each Website | Use One Password for Everything |
| Keep Your Password Secret | Share Password with Other People |
Have a strong password by using a Password Generator. These tools are free, but one downside is the password can be difficult to remember. To fix this, also use a Password Manager so you don’t forget your password. This also makes sure your passwords are stored safely. Instead of being written down, your passwords will be locked on your computer.
Keeping your username and password displayed or easily accessible is a bad idea. It would be like telling everyone what kind of car you drive and giving them the keys. If that’s the case, don’t be surprised when someone treats themselves to your stuff.
Changing your Password can be Easy
Remember, changing your password frequently can be made easy by setting an alert on your phone. You can also add a task to your e-mail program. This will remind you to change your password on a regular, recurring basis.
Use a different password for every account you have. These passwords can be similar but should never be the same. A password manager as mentioned above will help organize them.
Never give your password to anyone, including sharing accounts. An example would be your Netflix login. You can’t control what they do with your information especially if you have a falling out. Also, if you use the same login for other accounts, you are more vulnerable.
When time allows, consider reading our related article Top Seven Tips to Improve Password Security.
How to Remember Passwords
As mentioned above, using a Password Manager is a great way to remember your passwords. Since they can be complex and you can have dozens of them, this just makes sense.
There are also easy-to-remember password generators freely available online. One drawback is that easy-to-remember passwords are also easier to guess. Use these sparingly and add special characters to make them more complex.
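The trade-off between the two kinds of generator mentioned above, a fully random Password Generator and an easy-to-remember one, is shown in this added Python example, which is not part of the original article. The word list, character set and function names are constructed for illustration.

```python
import math
import secrets
import string

# Constructed sample word list for illustration only; real easy-to-remember
# generators draw from thousands of words (a Diceware list has 7776).
WORDS = ["anchor", "breeze", "copper", "dragon", "ember", "forest",
         "glacier", "harbor", "island", "jungle", "kettle", "lantern",
         "meadow", "nectar", "orchid", "pepper"]
SPECIALS = "!@#$%^&*-_"
ALPHABET = string.ascii_letters + string.digits + SPECIALS


def random_password(length=16):
    """Random password that contains every character class."""
    if length < 4:
        raise ValueError("length must be at least 4")
    while True:  # redraw until lower, upper, digit and special all appear
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
                and any(c.isdigit() for c in pw)
                and any(c in SPECIALS for c in pw)):
            return pw


def memorable_password(words=4):
    """Easy-to-remember style: random words, a special character, two digits."""
    parts = [secrets.choice(WORDS).capitalize() for _ in range(words)]
    sep = secrets.choice(SPECIALS)
    return sep.join(parts) + sep + f"{secrets.randbelow(100):02d}"


def random_bits(length=16):
    """Upper bound on the entropy of random_password, in bits."""
    return length * math.log2(len(ALPHABET))


def memorable_bits(words=4, list_size=len(WORDS)):
    """Entropy of memorable_password: word picks, separator, two digits."""
    return (words * math.log2(list_size) + math.log2(len(SPECIALS))
            + math.log2(100))


if __name__ == "__main__":
    print(random_password(), f"about {random_bits():.0f} bits")
    print(memorable_password(), f"about {memorable_bits():.0f} bits")
    print("with a 7776-word list:", f"about {memorable_bits(4, 7776):.0f} bits")
```

Both functions use the `secrets` module rather than `random`, because passwords need a cryptographically secure source of randomness.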
As an overall help with memory, use word association tricks. They are simple ways to help you to remember your password because they can be related to your everyday life.
For example, you can start with the model name of your car. If your vehicle is a Ford Explorer, start with Explorer. Add a number that’s meaningful to you, such as the day your child was born. Your password is now Explorer17. Then substitute some letters for numbers and include special characters and uppercase letters. Your new password would be 3xP10r3R_17!
What to do if Hacked
One of the most important things you can do is act immediately. While it will not turn back the hands of time, it can limit the damage done. Don’t wait to act only once there is a problem. Take preventive measures such as checking your credit report and monitoring your bank statements.
We have an article about removing your email from the dark web.
Once you notice a problem, take an inventory of what was affected. You will need to know what information was potentially exposed so you can best respond. Filing a police report is a good start in case someone commits a crime using your information.
Continue by changing every password for all accounts you control. Make sure they are all unique to each other. Follow the best password practices above to avoid future problems in the first place.
Contact your bank and credit card companies to freeze your account. They can also flag your account so businesses would be notified if the scammer attempts future purchases. Request new account or card numbers so you can still use your accounts while the stolen information becomes useless. Remember to update your automatic billing information for any utilities using recurring payments. This way things such as your power and phone bill are still paid.
One common computer attack is the Denial of Service (DoS) attack. We have an article about one version of the DoS attack called Slowloris here.
Links and Resources
To change your Gmail password, you can reset it at the following link. This reset also changes your Google password since they are related. Reset Google password at https://myaccount.google.com/security. Under the header “Signing in to Google”, click “Password”. This brings you to the login page of Google where you can click “Forgot Password?” and change your Gmail password.
Netflix users can change their password by following this link at https://www.netflix.com/LoginHelp. This link takes you directly to the page where you can get a new password.
Change Yahoo passwords at https://login.yahoo.com. Click the “Forgot Username?” link once you get there.
Changing your password will not stop hackers. There are benefits to occasionally changing your password like protecting against other kinds of cyber threats. However, there are many ways for hackers to gain access to your account.
There is no foolproof way to stop hackers from stealing your password. There are too many methods for them to do this that are outside of your control. Since your information can be stored on computers and servers other than your own, hackers will infiltrate those systems. Despite this, it’s still a good idea to change your passwords frequently. Changing your password will prevent novice hackers and nosey amateurs from accessing your account information.
To stop some hackers, use a strong password and store it responsibly. Don’t have it written down and never give it to anyone. Use simple word associations to remember your password but format it in a special way using special characters or a misspelling.
Finally, if you are hacked, change your passwords for all accounts and make sure they are unique to each other. Contact financial institutions and have your accounts temporarily frozen or flagged. Requesting your card or account numbers to be changed can be a headache but well worth it in the long run.