© 2022 Prancer, Inc.


Password Cyber Attack

September 13, 2020

When it comes to cloud security, passwords are often the first line of defense. They play an essential role in authenticating users and making sure that only certain people have access to information. For this reason, passwords are also targeted in cyber attacks. Hackers can easily exploit weak passwords or use other techniques to uncover login credentials. Learn more about this type of attack and how to prevent them.

Password Attack Techniques

Brute-Force Attack

While certain types of cyberattacks use sophisticated methods, password attacks can be relatively simple. Someone may be able to look around a co-worker’s desk to gain certain clues that can then be used to make educated guesses about potential passwords. This is what is known as a brute-force password attack. By using some social engineering, hackers can learn about a user’s hobbies, family, pets, and other details that are commonly used in insecure passwords. This may seem like an ineffective and time-consuming method, but it is actually a favorite among hackers because of its simplicity.

Dictionary Attack

With this method, a hacker will use a program that will run through a series of likely passwords. This technique also relies on knowing some of the psychology of the user as well as common password variations. The dictionary method will start with common words and then add different letters and symbols until the password is correctly guessed.


Phishing is a bold attack that asks the user for their login information. Sometimes they will send a slightly threatening email that scares the recipient into taking action. Other times, they will pose as a member of the company IT team and ask for passwords. This type of password attack can be difficult to identify before it is too late.

Credential Stuffing

When a breach in cloud security has occurred and hackers have a hold of login information, they will use this data to try to log into other accounts. Many people use the same name and password for multiple accounts and hackers use this to their advantage. In this way, one data breach can lead to many more and other accounts can be compromised.

Keylogger Attack

By installing a program on a user’s device, hackers can actually track and log keystrokes. This allows them to easily see exactly what passwords are being used. The program is often sent through a phishing email with a malware download.

Preventing Password Attacks

Cloud security should be a priority for any business and security begins with strong password policies. Here are some password best practices that can help prevent attacks:

  • Implement a lockout policy that will temporarily freeze the account once an incorrect password has been entered a certain number of times. While this won’t prevent all attacks, it is a simple way to deter hackers.
  • Use a password generator and management tool. Instead of allowing users to create their own passwords require them to use a password generator that will create random passwords that are impossible to guess. A password management tool will help users safely enter passwords without having to remember a string of random letters and numbers.
  • Reset passwords regularly. Make sure that users are resetting passwords at regular intervals.

Cloud security relies on a variety of different tools, but passwords are one the most basic and yet effective ways to prevent cyber attacks. When used and managed properly passwords can ensure compliance and user authentication. For more information about ways to improve passwords and cloud security, contact the experts at prancer.