Security Awareness Training
how passwords are hacked

How passwords are hacked

It’s mostly done offline
Most hackers (or their bots) don’t sit around typing in passwords on websites like you do. Instead they obtain and download encrypted password data from a breached database. They then attempt to crack these passwords offline using a password cracking tool.

Brute force password attacks
In a brute-force attack, a hacker uses software to systematically enter every possible combination of letters, numbers, and symbols until the password is found. It’s similar to a thief trying all combinations on a lock or a safe.

A short, simple password like L0nd0n1 can be cracked instantly while a longer, more complex password takes significantly longer.

Creating Strong Passwords

Time to share some inside knowledge. Here’s some tips on how to create stronger passwords:

Tip 1 – Length
Use a password that’s at least 12 characters long. 15 is even better. Long passwords are harder to crack.

Tip 2 – Complexity
Include a mix of uppercase and lowercase letters, numbers, and special characters (such as !, @, # etc.)

Tip 3 – Randomness
Avoid using sequential numbers or letters like 12345 or ABCDE – they are among the first combinations an attacker tries when attempting to crack your password.

time it takes to crack a password in 2023
what is a dictionary attack?

More password tips

Tip 4 – Avoid personal information
Don’t use easily obtainable information like your phone number, address, or family members’ names.

Tip 5 – No dictionary words or common passwords
Avoid using single words that can be found in dictionaries like “Computer” or common passwords like “Password123″ or “Iloveyou”. Please study the image to find out more.

Tip 6 – Unique words
Try using a random, personal word as part of your password. Could be your grandmother’s nickname, or a word you and your friends use to describe something, perhaps spelled differently.


Ok, so you can’t remember passwords like “I&74RqkS7r15!!f”. Now what? Say hello to Passphrases – they are a series of random words, for example My friend JoJo and his family love sunday roast.

The latter is easier to remember and, as it contains more characters, is harder to crack.

Top tip
Avoid using a common phrase like ‘Better late than never’. Hackers include these in their dictionaries

Pro tips
Avoid a series of regular words like ‘I love ice cream’. Opt for something more random like susanna-met-toronto-pound.

Even better – make the words unique by misspelling them and adding some special characters in-between the words. Here’s one for you:


brand and culture onboarding
Security Awareness Training with engagement

Creating a method

There are a couple of tricks when it comes to creating strong, unique password that you actually remember.

Tip 1
Use a passphrase that includes at least one unique word (like a friend’s nick name).
pizza darts seadog happy

Tip 2
Add some uppercase letters and/or numbers – in the same place to make it easier to remember.
pizzA dartS seadoG happY

Tip 3
Include some special characters like £=.<@ etc. Place these in the same position to help your memory.
p.izzA d.artS s.eadoG h.appY

Tip 4
To avoid reusing you can add the name of the service.
p.izzA d.artS s.eadoG h.appY g.maiL

The future of passwords

Multifactor Authentication (MFA)
Combines two or more methods of identification for added security. For example you might also get a text message with a code that you input.

Authenticator apps
Instead of receiving an SMS, you open an app that shows a temporary unique code, which is entered online.

Password Managers
A software that stores all your passwords and automatically suggest them when you attempt to log in. These tools are either stand alone or built in to Edge and Chrome.

A new tech developed by Google, Microsoft, Amazon etc, meant to replace password entirely. Insetad of typing a password you use your phone or computer and identify with your face or pin code.

future of passwords
Request more info

I want to know more

Get In Touch

Book a demo