How are passwords stolen?
Security experts at Carnegie Mellon University estimate that more than a million passwords have already been stolen on the Internet. One has to ask why this happens so frequently. Part of the answer is that hackers have many tools, such as dictionary programs and sniffers, to assist them. A hacker launches a dictionary attack by passing every word in a dictionary (which can contain foreign-language words as well as the entire English language) to a login program in the hope that one will eventually match the correct password. Programs that perform dictionary attacks can often try simple permutations of dictionary words as well (such as trying them backwards). A network sniffer installed on a computer can read every piece of data sent out from your machine across the network, including passwords. The ease with which a sniffer can find your password ensures that it is one of the first programs a hacker will run on a machine he or she has broken into. Network sniffers can