In the last days we have seen some different methods to get someone else’s password, whether it’s from Hotmail or from other e-mail providers. Although many people say it’s not really possible to get this passwords I can say that this methods work a great percentage of times.
Usually, the best method to get it is social engineering, and the other ones are used when this doesn’t work. I think it’s essential to know how this methods work, not for using them, as it’s illegal and unethical, but to protect ourselves from someone trying to use these on us.
So, let’s get a look at the list again and then we’ll talk about some methods which don’t really work:
- Trying basic passwords
- Trying passwords used in other sites
- Social engineering
- Keyboard logging
- Passwords stored at ISP
- Recovering it from another account
- Breaking into the user’s computer
- Stealing files with NetBIOS
It’s really easy to find documents in Internet which explain how to get a Hotmail password by sending an email to an automated password recovery service, with a combination of our username, the username we want to get the password AND they usually also say we must enter our password. This is only a trick used by some people to get YOUR password, not to recover the one you want. If you send one of these emails then someone will receive it and as it contains your username and your password he will be able to get into your account.
There are also some programs which promise to be able to recover someone’s password. These are also useless and probably dangerous, as they try to do the same as the “automated password recovery” and usually ask for your own password. Don’t fall on this trick.
So, to finish these series of posts, never trust any easy method to get someone’s password and remember to protect yourself and your password with a good security policy. In each post, I have explained some of the techniques to protect us, so apply them wisely.
Many of these techniques com from NNLNews, a security newsletter in spanish. Not that they invented them, but they did a good job of recopilation. I’d like to thank them for their work.