An article by the security magazine reveals that there is a cyber-attack in every 39 seconds. The data also said that most of these attackers get success due to weak passwords.
This type of revelations leave the users with millions of questions like- how can hackers guess passwords, how user mentality makes them vulnerable, and is there a way to prevent them?
The answer to all these questions is that, it all depends on you and your security measures. The hackers don't usually access the computer directly but use your mentality to leverage their works. They exploit the user mentality and manipulate them to take some compromising action.
This post will tell you about the different techniques that the hackers use to gain breach into your network. It will also show some solutions to prevent them at a personal level.

Dictionary Attack And Brute Force
The secret of the dictionary attack lies in its name. The technique consists of a file that contains almost every possible word that a user can use as a password. The hacker uses this file to guess the password, and sometimes, get success.
The brute attack also uses the same trick, but it uses a combination of both dictionary and non-dictionary words for it. It combines alphabets with numeric to generate results.
Solution: Never use a common word name, birthdates, or place name as password. The password should always contain a combination of small case alphabets, large case alphabets, numerical characters, and special characters.

Phishing
The simplest way to get a password is to ask the user, and that's what the hackers call phishing. The cybercriminals create a fake login page and send warning email or offer. They manipulate the users to sign in and voluntarily provide their credit card detail or other essential credentials.
In fact, if you check your inbox; you may also find some mails with next to impossible offers or some telling you to change your banking detail.
Solution: Never open a mail from unknown sources and ignore the too good offers. Contact your bank for confirming a message (they usually don't ask you for passwords and CVV).
Spidering

Organizations and startups often use a company name or something related to it as a password. This action makes them vulnerable. The hackers gather the company information through social media pages, website, and other sources to map terms that relate to it. Then they use this information to generate a list of words and implement brute force to guess the password.
Even the large-scale companies have become a victim of this attack in the past.

Solution: Never use owner name, birthdates, a company establishing dates, or anything related to it as a password. Try something far different like for an IT company using something related to mechanics. There is no way to guess such a diversion. Two-step verification is also an excellent choice.

The Final words
The methods mentioned above are some of the most common processes that hackers use to get user details. There are a lot more like a rainbow table attack, malware hacks, and more. In some cases, hackers also use a direct approach to gain access.

Therefore, make it a point to encrypt all the critical files, never share your administrative credential and conduct security audits. Use of genuine software and quality and antivirus program is also a good idea.