|
The most likely way to have your password stolen is via phishing or other hacks that trick you into revealing your password for a particular site. Some of the phishing attacks are diabolically clever. They'll pixel perfectly duplicate something like the Google or banking login screen, but instead it is sending your password to the hacker. That's why having a second factor is so effective at blocking attacks. When the hacker tries the password a prompt is sent to your phone and hopefully you deny that it is you trying to login. It is possible to also have your password stolen in large database hacks. These database steals happen every day, which is one reason not to reuse passwords no matter how complex. If some forum leaks your password via an unsecured database it won't really matter to you much, but if you used that same password for your bank you might be in trouble. It is pretty rare that someone will try to crack your password, no matter how stupid and short it is, but it does happen, especially if you are someone famous or likely to be targeted like a journalist or politician. The average person will not be the target of password crackers.
|