The IT Pro Podcast: How hackers steal your password
How does password compromise happen, and how can you prevent it?

Passwords are the foundations of our digital identity, which makes them rich targets for cyber criminals. With the right password, a hacker can accomplish all sorts of nefarious tasks, including theft, fraud and impersonation. So how exactly do hackers manage to make off with our passwords, and what can be done to stop them?
In this episode, we discuss the methods - both simple and complex - that cyber criminals can employ to pilfer our credentials, including data breaches, watering hole attacks and social engineering, as well as how you can safeguard yourself against falling victim.
Footnotes
- The IT Pro Podcast Special Edition: Fighting password compromise
- The top 12 password-cracking techniques used by hackers
- What is phishing?
- 10 quick tips to identifying phishing emails
- What are you giving away on social media?
- The IT Pro Podcast: The psychology of security
- Have I Been Pwned: Check if your email has been compromised in a data breach
- LastPass hacked - what you should do
- What is two-factor authentication?
- Simplify cluster security at scale
- The IT Pro Podcast: The secret life of hackers
- How to check if your passwords have been stolen
- If not passwords then what?
- 4 quick tips to create an unbreakable password
- Apple releases open source tools for password manager developers
- HTTP vs HTTPS: What difference does it make to security?
- Most malware came through HTTPS connections in Q1 2020
- Wikipedia: John Titor
Subscribe
- Subscribe to The IT Pro Podcast on Apple Podcasts
- Subscribe to The IT Pro Podcast on Google Podcasts
- Subscribe to The IT Pro Podcast on Spotify
- Subscribe to the IT Pro newsletter
- Subscribe to IT Pro 20/20
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
ITPro is a global business technology website providing the latest news, analysis, and business insight for IT decision-makers. Whether it's cyber security, cloud computing, IT infrastructure, or business strategy, we aim to equip leaders with the data they need to make informed IT investments.
For regular updates delivered to your inbox and social feeds, be sure to sign up to our daily newsletter and follow on us LinkedIn and Twitter.
-
Using WinRAR? Update now to avoid falling victim to this file path flaw
News WinRAR users have been urged to update after a patch was issued for a serious vulnerability.
-
Amazon CEO Andy Jassy doubles down on the company's AI focus
News Amazon CEO Andy Jassy thinks companies need to "lean into" AI and embrace the technology despite concerns over job losses.
-
The NCSC wants you to start using password managers and passkeys – here’s how to choose the best options
News New guidance from the NCSC recommends using passkeys and password managers – but how can you choose the best option? ITPro has you covered.
-
I love magic links – why aren’t more services using them?
Opinion Using magic links instead of passwords is safe and easy but they’re still infuriatingly underused by businesses
-
Password management startup Passbolt secures $8 million to shake up credential security
News Password management startup Passbolt has secured $8 million in funding as part of a Series A investment round.
-
LastPass breach comes back to haunt users as hackers steal $12 million in cryptocurrency
News The hackers behind the LastPass breach are on a rampage two years after their initial attack
-
GitHub launches passkeys beta for passwordless authentication
News Users can now opt-in to using passkeys, replacing their password and 2FA method
-
Microsoft SQL password-guessing attacks rising as hackers pivot from OneNote vectors
News Database admins are advised to enforce better controls as attacks ending in ransomware are being observed
-
No, Microsoft SharePoint isn’t cracking users’ passwords
News The discovery sparked concerns over potentially invasive antivirus scanning practices by Microsoft
-
Microsoft Authenticator mandates number matching to counter MFA fatigue attacks
News The added layer of complexity aims to keep social engineering at bay