How do Hackers Hack your Passwords?

How do Hackers HackMany of you might have been victims of your email accounts being hacked, or your Facebook password not working. This maybe because your password might have been hacked by the Hackers.

One way to keep your self secure is by knowing how do hackers hack password and what all methods and software’s they generally use. By knowing how hackers can get into your account, you will be in better situation to understand what are the possible ways you can lose your account information and passwords & you can protect yourself from getting hacked next time.

Read: 5 Ways to Keep yourself safe while using Internet

How do Hackers get Passwords?

There are some common technique which hackers uses to hack passwords. One of them is phishing pages, where a hacker will send a login page of Gmail or Facebook and it will look exactly the same as real Facebook login page. Most of the time they use Social engineering skills like, they will send message saying “This person has posted your bad picture on Facebook, click here to check your photo”, and once you click on the link, you will be taken to login page, as soon as you enter your password, it will be sent to hacker, and your page will reload to take you to the real page. Most of the time, victim don’t even realize his password is gone.

Hackers hack people passwords for many reasons, some of them are just showing their skills and some of them hack for profits. Many of them will use your Email account to send spam links to your contact list or use your Facebook account to send spam application link. Though, the major problem comes when hackers get hold of your private and sensitive data and black-mail starts. Like I mentioned above, Similarly, there are many other methods which I have listed below are being used by hackers to hack anyone password or Email access.

1. Keyloggers

This is one of the basic tool used for getting your passwords. Keylogger resides in your system memory and runs at every startup. These keyloggers log all the keystrokes you type. A log is created and then it is sent to the Hacker. Most famous keylogger is the Ardamax Keylogger. It can be customized so that it cannot be shown in “Processes” (Windows Task Manager).

I suggest you to start using Online virtual Keyboard when typing password for sensitive sites like your bank account and Paypal account.

2. RAT

RAT stands for Remote Administration Tool. With RAT, a hacker can connect to your PC, without your knowledge. He can see what is going on the screen, what you are currently doing, which sites you surf. It also has the built-in functionality of keylogger.

Hacker can copy files from your Hard disk to his computer, and all this without your knowledge. A good example of RAT is Poison Ivy. It can be customized to connect to your PC on a particular port number specified while creating the RAT.

3. Trojan Horses

Now these are the most common type of malwares. Trojans spread through warez sites mostly. All of you want free softwares. Right? Beware though! When you download from warez sites, all the keygens and patches and even the original trial programs are trojaned. This means you will get the software for free. But your computer will be affected with a trojan horse.

When you run the patch/keygen, you’ll get the desired output, but in background, your system gets infected with the trojan. Turkojan is a famous Trojan horse. A trojan is much more superior to keyloggers and RATs. It provides much more functions, so that a Hacker has more access to your PC.

There are many other ways which hacker usually uses, for example if you are connected to internet on a LAN, which uses the same router , a hacker can use any packet sniffer and base decoder to read all sensitive data being transmitted from your computer. Cain and Abel is one such sniffer and there are many more.

That’s one reason why I always suggest to enable secure browsing where ever possible. Most of sites like Facebook gives an option to use https login, which encrypts your data and even hacker uses sniffer to capture data, decoding password with those data will not be easy. Brute forcing is another common method, but with technology advancement, most of Email and Web login forms, comes with handling such attack.

How to protect yourself from hacking:

  • Install a good licensed anti-virus. I suggest you go for Kaspersky. It’s the best anti-virus out there.
  • Always have your Windows Firewall turned on.
  • Never ever trust warez sites. There is a lot of malware flowing out there.
  • Don’t run .exe programs given by anyone. Trust only yourself.
  • Never auto-play a pen drive. By this, malware automatically gets installed on your PC.
  • Don’t run attachments from emails.
  • If you want to run .exe files safely, run them sandboxed. A free application Sandboxie is available for this purpose.
  • If you feel you’re infected, format your PC immediately. No anti-virus can remove a Trojan horse from your PC. It’s very difficult to remove a trojan from an infected PC.


Well, to be safe, you have to take all preventive method and make sure you enable all security features offered by web app you are using. I hope this article will help you to understand how do hackers hack and you can take all preventive measures to keep your password safe. If you find this article useful, don’t forget to share it on Google plus and Facebook for more social awareness.

Subscribe on Youtube

Article By


COMMENTs ( 38 )

  1. saj says

    Yes right I use Norton which is very good but passwords are usually hacked on social networking which is very sad indeed that happened to me :(
    I wish there was no such things as hackers then the whole world would be in peace !! :) :D

  2. Anup Tabe says

    Thanks a lot for wonderful information . This information gonna help me a lot to be on safer side . Will remember all the tricks from next time . Thank You Very Much .

  3. Vally says

    Hello Mahesh,

    Great article…just one of your tips that I don’t understand…can you explain what you mean in further detail?

    *Don’t run .exe programs given by anyone. Trust only yourself.

    Any program you download has an .exe file to run it. What am I not understanding? Thanks for your help.

  4. Mahesh says

    The trojan resides only in Windows folder. All other drives are safe. You just need to format your Windows drive and re-install Windows. A good way is to keep your documents/files in other drives and assign a 10-15 GB space for Windows drive, so that you don’t lose a lot of data while formatting.

    I use both Kaspersky & Microsoft’s Security essentials. There are some viruses/threats which are detected by Microsoft’s security essentials and not by Kaspersky and vice versa. But as compared with other anti-viruses, Kaspersky is my favorite. It’s better that you use both Kaspersky and Security essentials.

  5. Iamsra says

    Its scary that NO Trojan can be removed/ cleaned. That means data backup/ image backup will carry Trojan? Cancer!!
    Q: how kaspersky is better than windows essentials?

  6. Manikandan J says

    I Agree with Vibin.I have used all antivirus software,according to me Eset Nod32 is better than among all.I don’t recommend Kaspersky since it Slows Down the PC.Once i downloaded a file on one warez website.I was downloaded that through IDM,when the Download was completed just before IDM says “Download Finished” Eset Nod32 gave me a Warning message.The warning Message said the File Contains “Keylogger”.I was really shocked!From that time still i’m using Eset Nod32 Antivirus,the best antivirus to kill the Hacker.Go For it!

  7. sandeepraulo3140 says

    @mahesh system and system32 are two different folders.
    then how come the path be …………system/system32

    • Mahesh says

      I meant to say windows or system or system32 folder. The path is not fixed. The keyloggers can be melted behind different files and processes.. Searching the keylogger files on your computer is a hectic task.

  8. sandeepraulo3140 says

    A mahesh iam asking for keyloggers location and not for on-screen keyboard.
    pls help me someone

  9. sureshpeters says

    password should contains speical character, numbers, alphabets, it ll increase the strenght of password

  10. Chetan Bhasin says

    I think Bit Defender Total Security is better than Kaspersky or any other anti virus program. If I have to choose the best one, I wouldn’t go for Kaspersky.

    That is because though Kaspersky plays important role in your computer security it reduces your computer performance.

  11. Nurul Azis says

    Strong password combination is nothing against keylogger, keyboard strokes are recorded. One think I am wondering, does windows built in virtual keyboard can help for this one?

    • Mahesh says

      Yes! Go to run->type “osk” without quotes and press enter! I tried this on my Win 7! Hope it’ll work on Win xp and vista as well..

      • Saket Jajodia says

        In Windows XP go to Start –> All Programs –> Accessories –> Accessibility –> On0-Screen Keyboard

        You will get your On Screen keyboard…

  12. Vivek Parmar says

    > changing passwords frequently
    > Commodo firewall
    > Antivirus
    and finally if you don’t want such type of headaches then go for ubuntubetter option as compared to windows

  13. George Serradinho says

    Well, I do my best to change my passwords often. There are various ways hackers get passwords and it’s up to each individual to ensure that they are safe as possible when online (keep anti-virus up to date, keep passwords safe, etc)

  14. shashank says

    hey could u pelase more elaborate on Keyloggers!
    got to know more about it:)
    wish u add up those topics in ur next article!

    • Sahil @iBlognet says

      Keyloggers basically records your keyboard keystrokes. When a keylogger is activated on your system it records all your keystroke to and sends it to the server. The keystroke records are send in a predifned interval to the server.

      Keylogger are mostly in .exe formats. The most common way to spread them is through software patches. They are not easy to detect, if the keylogger is binded with any other file.

      Powerful anti-spyware solutions such as Microsoft AntiSpyware Beta, Spyware Doctor, Ad-Aware SE, SpyHunter, eTrust PestPatrol or Spybot – Search & Destroy are well-known for perfect keylogger detection and removal capabilities.

  15. 1skyliner says

    I was not aware of one of method above.Thanks for the heads up and information about this,Thanks for sharing..

  16. Rahul @ MazaKaro says

    i was always looking for these kind of security topics !
    i think talkign about this is very required and knwoing this is important ! i think the most dangerous part in this are malwares and using the “antimalwares” is needed so we avoid disasters
    thank you for this

  17. seenu says

    Should have a habbit of creating different passwords for different accounts which complex but simple to remember,

    Other way to hack passwords is thru social Engineering
    Nice post

  18. Jagan Mangat says

    we must undertake preventive measures while doing stuff and all on pc.
    And be careful while you use torrent,back some days i download a patch file for a program,installed it got the program working fine but something went wrong,my browser started crashing and windows explorer not responding and related probs.

  19. Sahil @iBlognet says

    Phishing and cookie stealing are one of the common way to hack accounts

    It’s better to choose a password containing small letters + caps letter + numbers + symbols [like: ghER78#$ or ERD54@*#df].
    Also it’s better to change all account passwords in every 4 to 5 months.

    Any way’s thanks for sharing the nice info mahesh. Keep it up†

  20. Sharat says

    Thanks for this great informative post, Mahesh.
    I was not aware of one of method above. Thanks for updating :) and thanks for the protection tips.

    I hope this educational post will surly help many guys to have anti hacking account ;)

    Thanks :)

  21. sudheer Ranga says

    Nice list mate… Helps people to be aware of getting hacked..
    I have brought ebooks about hacking which teach’s all the above method to hack into peoples computer…

    As you said using a good firewall(I use OutPost Pro…its really nice…) also helps blocking unwanted access to your computer, but when you run a business or do bank transaction’s on your PC then its better idea to format…

  22. Phil says

    Some people just make silly passwords that people can guess. I believe its important to make a password that has uppercase letters and numbers and something that nobody else would be able to guess.

    I know some people who relate their passwords with family members or hobbies which are easily guessed without any tool.

    Nice list though, always keep your password safe and change it every now and then! :)