How hackers get your password

One way of keeping ahead of hackers is by knowing how do hackers hack password and what all methods and software’s they generally use. By knowing how hackers can get into your account, you will be in better situation to understand what are the possible ways you can lose your account information and passwords & you can protect yourself from getting hacked next time.

How do Hackers get Passwords?

There are some common technique which hackers uses to hack passwords.

One of them is phishing pages, where a hacker will send a login page of Gmail or Facebook and it will look exactly the same as real Facebook login page/Gmail login page.

Most of the time they use Social engineering skills like, they will send message saying “This person has posted your bad picture on Facebook, click here to check your photo”, and once you click on the link, you will be taken to login page, as soon as you enter your password, it will be sent to hacker.

Most of the times, hackers use sexual posts to lure victims into divulging their accounts.

Hackers hack people passwords for many reasons. Most cyber criminals do it for money. While others do it just showing their skills or to use your Email account to send spam links to your contact list or use your Facebook account to send spam application link.

Though, the major problem comes when hackers get hold of your private and sensitive data and blackmail starts.  Here are the most likely methods that hackers use to hack your passwords.

Social engineering

The most popular low-tech method for gathering passwords is social engineering. Social engineering takes advantage of the trusting nature of human beings to gain information that later can be used maliciously. A common social engineering technique is simply to con people into divulging their passwords. It sounds ridiculous, but it happens all the time and even the most cautious of people fall prey to it.

Shoulder surfing

Shoulder surfing  (the act of looking over someone’s shoulder to see what the person is typing) which also known as visual hacking, is an effective, low-tech password hack. It has existed since the time computers became popular but has only been regarded as high risk now. Anyone who has interest in your passwords has to look over your shoulders and note down the passwords. It can happen at a ATM, in a cyber cafe or at an airport. You can always protect yourself by glancing around before keying in the password.


This is one of the basic tool used for getting your passwords. Keylogger resides in your system memory and runs at every startup. These keyloggers log all the keystrokes you type. A log is created and then it is sent to the Hacker. Most famous keylogger is the Ardamax Keylogger. It can be customized so it doesnt show up in Windows “Processes” and notify the victim.

The best solution to avoiding keyloggers is using Online virtual Keyboard (i always insist on it) when typing password for sensitive sites like your bank account and Paypal account.

RAT [Remote Administration Tool]

With RAT, a hacker can connect to your PC, without your knowledge. He can see what is going on the screen, what you are currently doing, which sites you surf. It also has the built-in functionality of keylogger.

Hacker can copy files from your Hard disk to his computer, and all this without your knowledge. A good example of RAT is Poison Ivy. It can be customized to connect to your PC on a particular port number specified while creating the RAT.


Now these are the most common type of malwares. Trojans spread through warez sites, torrent websites or by clicking on  mostly on risky links. All of you want free softwares. Right? Beware though! When you download from warez sites or torrent websites. In all probability all softwares, keygens and patches could contain trojans. This means you will get the software for free, but your computer will be infected by a trojan.

There are many other ways which hacker usually uses, for example if you are connected to internet on a LAN, which uses the same router , a hacker can use any packet sniffer and base decoder to read all sensitive data being transmitted from your computer.

To beat such hackers, always avoid public Wi-Fi spots for banking, emails etc. Log in using HTTPS websites as they encrypt the traffic between you and the server leaving the sniffers toothless.

Glance over your shoulders, use hard passwords, use password management software to manage your passwords.

How to protect yourself from hacking:

  • Install a good licensed anti-virus. I suggest you go for Kaspersky. It’s the best anti-virus out there.
  • Always have your Windows Firewall turned on.
  • Never ever trust warez sites. There is a lot of malware flowing out there.
  • Don’t run .exe programs given by anyone. Trust only yourself.
  • Never auto-play a pen drive. By this, malware automatically gets installed on your PC.
  • Don’t run attachments from emails.
  • If you want to run .exe files safely, run them sandboxed. A free applicationSandboxie is available for this purpose.
  • If you feel you’re infected, format your PC immediately. No anti-virus can remove a Trojan horse from your PC. It’s very difficult to remove a trojan from an infected PC.

Well I do hope that this article gets to inform you on how well to keep your system safe from external intrusions. Please feel free to share.

kivuti kamau

Data Modelling, Design & Development

Press ESC to close