Quote Originally Posted by Dhiya View Post
What are the @low-tech@ methods that hackers have used to obtain login names and passwords? Do you have any crazy ideas? Give awareness from password hacking by giving your ideas.
There are some common ways hackers use to crack login details and there are softwares for that as well.

1. Dictionary Attack

A dictionary attack is the simplest and fastest password cracking attack. To put it simply, it just runs through a dictionary of words trying each one of them to see if they work. Although such an approach would seem impractical to do manually, computers can do this very fast and run through millions of words in a few hours. This should usually be your first approach to attacking any password, and in some cases, it can prove successful in mere minutes.

2. Brute Force Attack

Brute force is the most time consuming approach to password cracking. It should always be your last resort. Brute force password cracking attempts all possibilities of all the letters, number, special characters that might be combined for a password and attempts them. As you might expect, the more computing horsepower you have, the more successful you will be with this approach.

3.Rainbow Table

Most modern systems now store passwords in a hash. This means that even if you can get to the area or file that stores the password, what you get is an encrypted password. One approach to cracking this encryption is to take dictionary file and hash each word and compare it to the hashed password. This is very time- and CPU-intensive. A faster approach is to take a table with all the words in the dictionary already hashed and compare the hash from the password file to your list of hashes. If there is a match, you now know the password.

4.Key Logger/Malware

Another sure way to lose your login credentials is to fall foul of malware. Malware is everywhere, with the potential to do massive damage. If the malware variant features a keylogger, you could find all of your accounts compromised. Alternatively, the malware could specifically target private data, or introduce a remote access Trojan to steal your credentials.

5. Social engineering and phishing also can be used to obtain login details


How can you protect yourself from hackers

1. Use strong passwords
2. Keep your anti virus/anti malware upto date
3. before you enter your credentials, always check the legitimacy of the URL
4. Change password routinely
5. Always check the legitimacy of the emails you recieve
6. Do not download unauthorized application