How safe is your password?
Think your password is safe? If criminals want to steal it, a lot of them will just ask, writes Matt Warman
Published 15/12/2010 | 11:59
Most consumers believe that their passwords are secure – weird combinations of numbers and letters with upper and lower case combinations lull people into a false sense of security.
In reality, however, hackers are getting cleverer – they’re increasingly likely to get you to either tell them your password, or to hack into it in such a way that they can see the whole thing anyway.
One mode of hacking is to use an old-fashioned key-logger. This is a small piece of software, invisible to most users, that simply records every button that is pressed.
Log-in to your email and your details are passed on to the hackers responsible, without your experience being immediately affected.
Another option that’s attractive to opportunistic criminals is to set up a wifi network that appears to be, say, a BTOpenzone. Many phones constantly hunt open networks and logon automatically in a way that relatively few laptops do.
Although such methods are relatively easy to trace and shut down, any data that is transferred over these networks can be monitored and stolen immediately.
Then there’s the easy option: a simple Google search for password, username and a specific filetype returns more than 10,000 pages of freely available, open spreadsheets that contained enough information to provide full access to the accounts of schools or mortgage brokers with crucial service providers.
The fault is not with consumers – it’s often with the organisations that hold reams of information.
More criminals, however, are adopting a longer game: posing as a firm’s head of IT, say, they will befriend people on LinkedIn or Facebook.
After a few chatty messages, it’s amazing how many people will follow links to sites that look like those used by banks, but in fact ask for entire passwords.