Think your password is safe? Think again. 
Cybercriminals have countless tricks to crack your login details — from brute-force attacks to sneaky phishing scams. 
Check out this infographic to discover the top password attacks you need to know and how to protect yourself!

  1. Brute-Force Attack
    The attacker tries every possible combination of characters until the correct password is found.
    Extremely time-consuming for complex passwords.
    Example:
    Trying a, aa, ab, ac… all the way through every possible combo.
  2. Dictionary Attack
    Uses a list of common passwords or dictionary words to guess the password.
    Faster than brute-force because it relies on likely password choices.
    Example:
    Trying words like password, 123456, welcome, qwerty, etc.
  3. Credential Stuffing
    Attackers use leaked username-password pairs (from data breaches) and try them on multiple websites.
    Exploits people who reuse passwords.
  4. Phishing
    Tricks users into revealing their passwords by pretending to be a trusted entity (like a bank or email provider).
    Often done via fake websites or emails.
  5. Keylogging
    Malicious software (keylogger) records every keystroke made by the user, capturing passwords as they’re typed.
  6. Man-in-the-Middle (MitM) Attack
    Intercepts communication between a user and a service to capture login credentials, often on unsecured networks.
  7. Rainbow Table Attack
    Uses precomputed tables of hashed passwords to reverse hashes back to their original passwords.
    Can be mitigated by adding a salt to passwords before hashing.
  8. Social Engineering
    Manipulating people into revealing passwords through deception or persuasion, often bypassing technical security.
    Example:
    Pretending to be IT support and asking for a password.
  9. Shoulder Surfing
    Physically observing someone typing their password (like looking over their shoulder in a public place).
  10. Password Spraying
    Trying a few commonly used passwords (like Welcome1 or Password123) against many usernames to avoid triggering account lockouts.
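
For defenders, the password-spraying pattern in item 10 appears in authentication logs as one source failing against many accounts while staying under each account's lockout limit. The Python detection below is an added example, not part of the original infographic; the event format, thresholds and sample events are constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

T0 = datetime(2024, 1, 1, 9, 0)

def _ev(minute, src, user, ok=False):
    """Build one constructed event: (timestamp, source IP, username, success)."""
    return (T0 + timedelta(minutes=minute), src, user, ok)

# Constructed sample data (documentation IP ranges, invented usernames).
SAMPLE_EVENTS = (
    # One source, six accounts, one failure each: spraying pattern.
    [_ev(i * 2, "203.0.113.7", u)
     for i, u in enumerate(["alice", "bob", "carol", "dave", "erin", "frank"])]
    # One source hammering one account: brute force, caught by lockout instead.
    + [_ev(i, "198.51.100.9", "alice") for i in range(8)]
    # A user mistyping their own password, then logging in.
    + [_ev(1, "192.0.2.10", "grace"), _ev(2, "192.0.2.10", "grace"),
       _ev(3, "192.0.2.10", "grace", ok=True)]
)

def detect_spraying(events, window=timedelta(minutes=30),
                    min_accounts=5, max_per_account=2):
    """Return {source_ip: [usernames]} for sources that fail against at least
    min_accounts distinct accounts inside one time window while keeping every
    account at or below max_per_account failures (under the lockout limit)."""
    failures = defaultdict(list)
    for ts, src, user, ok in events:
        if not ok:
            failures[src].append((ts, user))

    flagged = {}
    for src, rows in failures.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Slide the window start forward until it spans at most `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            per_user = Counter(user for _, user in rows[start:end + 1])
            low_and_wide = (len(per_user) >= min_accounts
                            and max(per_user.values()) <= max_per_account)
            # Keep the widest matching window seen for this source.
            if low_and_wide and len(per_user) > len(flagged.get(src, [])):
                flagged[src] = sorted(per_user)
    return flagged

if __name__ == "__main__":
    for src, users in detect_spraying(SAMPLE_EVENTS).items():
        print(f"possible password spraying from {src}: {len(users)} accounts")
```

Grouping by source address misses a spray spread across many addresses, so the same counting can also be run per time window across all sources.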

 

How to Protect Against Them:

  • Use strong, unique passwords.
  • Enable Multi-Factor Authentication (MFA).
  • Avoid password reuse.
  • Educate users about phishing and social engineering.
  • Regularly update and monitor passwords.

 

Author

<a href="https://blackcell.io/tibor-luter/" target="_blank">Tibor Luter</a>

FUSION CENTER MANAGER

Tibor Luter is the Fusion Center Manager at Black Cell and has been leading the CSIRT team since its formation in 2015. Tibor is also responsible for expanding the Fusion Center’s technical capabilities and services in the Middle East and North Africa (MENA) region.
