Password Security Tips & Common Hacks


Attackers use a variety of techniques to discover passwords, including powerful tools that are freely available on the internet.

The following UK National Cyber Security advice makes password security easier for your users – improving your system security as a result.


How are passwords cracked?


Manual Guessing
Personal information, such as name and date of birth, can be used to guess stored password information.

Stealing Passwords
Insecurely stored passwords can be stolen – this includes handwritten passwords hidden close to a device.

Passwords can be intercepted as they are transmitted over a network.

Social Engineering
Attackers use social engineering techniques to trick people into revealing passwords.

Shoulder Surfing
Someone observing an individual typing their password into a device.

IT infrastructure can be searched for electronically.

Brute Force
Automated guessing of billions of passwords until the correct one is found.

Key Logging
An installed keylogger intercepts passwords as they are typed.

How can you improve your password security?


Blacklist the most common password choices.

Don’t store passwords in plain text format.

Monitor failed log-in attempts.

Train users to report suspicious activity.

Change all default vendor-supplied passwords before devices or software are deployed.

Prioritise administration and remote user accounts.

Use account lockout, throttling or monitoring to help prevent brute force attacks.
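
An added example (not from the original page or the guidance it cites) that combines three of the measures above: a deny list of common passwords, salted PBKDF2 hashes instead of plain text storage, and throttling after repeated failed log-ins. The class name, thresholds, iteration count and the short deny list are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
import time

# Constructed sample deny list; a real deployment would load a much larger one.
COMMON_PASSWORDS = {"123456", "password", "qwerty", "letmein", "111111"}


class PasswordStore:
    """Hypothetical in-memory store; defaults below are assumed values."""

    def __init__(self, clock=time.monotonic, iterations=600_000,
                 max_failures=5, lockout_seconds=300):
        self._records = {}    # user -> (salt, derived key); never the password
        self._failures = {}   # user -> (failure count, time of last failure)
        self._clock = clock
        self._iterations = iterations
        self._max_failures = max_failures
        self._lockout = lockout_seconds

    def _derive(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                                   self._iterations)

    def set_password(self, user, password):
        if password.lower() in COMMON_PASSWORDS:
            raise ValueError("password is on the deny list")
        salt = os.urandom(16)  # unique salt per user
        self._records[user] = (salt, self._derive(password, salt))

    def is_throttled(self, user):
        count, last = self._failures.get(user, (0, 0.0))
        return (count >= self._max_failures
                and self._clock() - last < self._lockout)

    def verify(self, user, password):
        if self.is_throttled(user):
            return "throttled"
        # Unknown users still cost one derivation, so timing reveals less.
        salt, stored = self._records.get(user, (b"\0" * 16, b""))
        if hmac.compare_digest(self._derive(password, salt), stored):
            self._failures.pop(user, None)
            return "ok"
        # Failures are kept per user so they can also feed monitoring.
        count, _ = self._failures.get(user, (0, 0.0))
        self._failures[user] = (count + 1, self._clock())
        return "failed"
```

Once the lockout window has passed, one further wrong guess re-applies the throttle immediately, so automated guessing is limited to one attempt per window.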

