With so much of our information and activity now online, protecting your privacy and personal data with strong passwords is very important. In this article, we take a deep dive into passwords: how hackers get your passwords (and proceed to steal from you) and how you can protect your passwords and data.

Just remember that if you need support or someone to talk to, our Sonder support team is available 24/7 to chat whenever you need it.


So how do hackers get my passwords anyway?

There are a number of techniques cybercriminals can use to steal passwords. Familiarise yourself with the following techniques and stay vigilant:

  • Phishing and social engineering - The most common example and one you've probably experienced. These usually come in the form of scam emails or texts from cybercriminals masquerading as loved ones, friends, or companies you're associated with in the hope that you'll share personal information with them.

  • Malware - Similar to phishing scams, malware can come in the form of malicious online ads, compromised websites, or legitimate-looking apps, all of which are designed to steal your personal information. This can range from capturing data you've entered and logging your keystrokes to taking screenshots of your device and sending them back to the cybercriminals.

  • Brute forcing - This involves cybercriminals feeding large volumes of breached usernames and passwords into automated software in an attempt to access people's accounts, hoping to find a match.

  • Guessing - Exactly as it says on the tin, cybercriminals may simply guess people's passwords. While this may seem rudimentary, people commonly use easily-guessable passwords (such as '123456' or 'password') and/or use the same password for multiple accounts, which puts them at additional risk of having their data stolen.

  • Shoulder surfing - This basically involves cybercriminals skulking around and getting people's passwords simply by looking over the victim's shoulder without them noticing.

Yikes, how do I protect myself and my passwords?

Cybercriminals may have a number of ways to steal passwords, but thankfully there are several ways you can protect yourself from their unscrupulous methods. Some of the tried-and-true ways of managing and protecting your passwords include:

  • Use only strong and unique passwords or passphrases on all your online accounts.

    • Don't recycle passwords; always use unique passwords.

  • Don't reuse your login credentials across multiple accounts.

  • Switch on two-factor authentication (2FA) on all your accounts.

  • Use a password manager, which will store strong, unique passwords for every site and account, making logins simple and secure.

  • Avoid using passwords that are known to be stolen.

  • Only use HTTPS sites for logging in.

  • Don’t click on links or open attachments in unsolicited emails.

  • Only download apps from official app stores.

  • Invest in security software from a reputable provider for all your devices.

  • Ensure all operating systems and apps are updated to the latest version.

  • Beware shoulder surfers in public spaces.

  • Never log on to an account if you’re on public Wi-Fi; if you do have to use such a network, use a VPN.


If you have any questions or need extra support, we're here to help you anytime in any language. Simply start a chat with us via the home screen of the Sonder app.

Information sourced from: Australian Cyber Security Centre, CNET, The New York Times, and We Live Security

Image credit: Mr Robot

All content is created and published for informational purposes only. It is not intended to be a substitute for professional advice.
