Password hacking is one of the simplest and most common methods attackers obtain unauthorized network, computer, or application access. You frequently hear about it in the headlines, and report after report such as the Verizon Data Breach Investigations Report reaffirms that weak passwords are the source of many security problems.
Although strong passwords ideally, longer and stronger passphrases that are difficult to crack or guess are easy to create and maintain, network administrators and users frequently ignore this. Therefore, passwords are one of the weakest links in the information security chain. Passwords depend on secrecy, after a password is compromised, the original owner of the password isn’t the only person who can access the system with it. That’s when responsibility goes out the window and bad things start happening.
External attackers and malicious hackers have many methods to get passwords. They can gather passwords easily by asking for them using some social engineering techniques or by looking over the shoulders of users (shoulder surfing) while they type their passwords.
Hackers can also get passwords from local computers by using remote cracking utilities, keyloggers, or network analyzers. Also, they can steal passwords and other confidential data from the network using Man in the middle attacks (MiTM).