Let's say your name is "Chandler Bing" and your wife's name is "Monica Geller". You are known for your sarcasm you work in an IT company as a procurements manager with specialization and statistical analysis and data reconfiguration. Although, No one cares about your job you like to hang out with your friends at a coffee house named Central Perk you might use a password like “Ch@ndler&Monica69”. Notice here that your password is completely guessable. It is found with publicly accessible information about you like your name and your wife's name and your favorite things which means your password is not a secret in the first place. Anyone who knows your name and your wife's name technically knows your password too. There are actually many password-guessing software to get passwords based on our target public information. For example, let's take a look at “Common Users Passwords Profile” short form “CUPP”.
CUPP is written in Python to generate target-specific word lists or in other words, Password Lists. Try filling out an interactive questionnaire in CUPP with your data and see the generated list of passwords. If your password appears in it. Well if your password doesn't appear in the first try but it does contain some publicly accessible information about you it's because you are not using CUPP in the right way. You can reconfigure it and keep trying to generate more password lists which may eventually contain your potential password most of the security incidents on the Internet occur due to weak passwords that are easily guessable. I mean your social media profiles alone would in most cases give away a lot of your data which you might have used to frame a password. So how difficult do you think it is for hackers to guess a password I mean to just use a password guessing software to guess a password based on your public information what makes it even worse is if you are using the same password for multiple websites so if someone figures out what your password is on one website they can use the same password on all the other websites too you just made things easy for the hacker you say you're not the type of person who uses weak passwords that contain your public info Does that make you safe? Well think again your credentials might have already been leaked online through data breaches.
Source
A data breach is when hackers manage to get access to a website's database and steal all the data they may later sell this stolen data on the dark web or simply make it available for free. If you happen to be the user of a website that got breached it means even your data that you put in that particular website is included in the bridge this data may contain your username, password, phone number, email ID, and other crucial assets. To check if any of your data is included in any of the breaches that occurred until now you can go to Have I been pwned and just enter your email address.
This will tell you where and how many times your data associated with that email is leaked and what type of data is leaked. You can further search for "pwndb" on Google and using this web interface you can even see your plaintext password that is leaked in a data breach. If you happen to be a victim in a breach the first thing you need to do is obviously change your password on all the web sites where you are using the leaked password. However New data breaches are leaked on the Internet very often and the best way to stay updated and get notified whenever your data is included in new leaks is to use Firefox monitor it is maintained by Mozilla and you can simply sign up and every time a breach that contains any data that is associated with your email is leaked on the internet you will get notified.
So far your password which you think is very much of a secret might actually not be a secret at all in this post try to emphasize on the fact that it is very easy for hackers to get their hands on your password so what are the best practices to keep your password safe and protect yourselves online. Well the best way would be to use a password manager by using a password manager you can generate a strong random password for each website you use and you don't even have to remember this password you just have to remember your master password which you use to unlock all your other passwords on your password manager but you might ask what if my master password is exposed? Well, it's your job to keep your master password safe do not form your master password with your public information use some random alphanumeric strings along with some special characters that make no sense so that it is very hard for hackers to guess your password. I had this master password so that you do not forget it and do not save it anywhere on your computer or on the Internet just let it be in your head in your own memory. This is, in fact, the best way to use passwords and make sure that your passwords are never leaked or guess. Also, make sure you use two-factor authentication wherever you can so that even if someone has your password they won't be able to get in unless they enter that special one-time password that is sent to your email address or to your mobile number but most importantly do not use the same password on multiple websites. Your Hive password is generated randomly So you do not need a password manager to generate any kind of password. The password provided by Hive is unguessable and protected. Also hacking of Hive password is Impossible but also some tools can steal your password. The best way to avoid it is to use tools that are open source.
If you found this interesting Please do Upvote and leave your valuable comment.
@anonymouser, thoughts on this?
Congratulations @pakgamer! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s) :
You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word
STOP