How easy is it to hack someone's system/account?

So recently I've been feeling a little bit paranoid about being hacked. So far nothing has happened to make me think that but because I play a lot of online games I just wanted to get people's thoughts on how easy it is.

My average scenario is this;

Playing World of Warcraft, get into an argument with someone for one reason or another, then I'll notice something in the game that will immediately make me suspicious. Like, I don't remember having that little gold (I'm talking a difference of about ten coins here....) or a while later the auto login will stop working for a brief moment. Small bugs and glitches like that which are common but because they happen around the time I argued with someone I immediately think;

"RIght, that person clearly hacked me! Because we were in the same dungeon party, he was able to get my IP address using some kind of third party program and BOOM! That'll all he needs to get into my system or account within 30 seconds!"

It sounds ridiculous but is that kind of situation even possible? Is it really that easy?

Its surprisingly easy to get into your wireless network, spoof it and collect all that data in between. If you have a shit wifi password and live in a large apartment complex or dorm expect this to happen.

Beat defence is complex passwords upper and lower case with mixed number.

Having spyware and programs that aren't trustworthy and having a general lack of basic pc maintenance and online behaviour knowledge could also expose your accounts. Basically if you have a filthy pc that you have only the most basic grasp on running, your more likely to have issues.

it is as easy as how complicated your password is.

complicated password? potentially impossible to hack your account

your password is password123? would take about 2 minutes to hack.

Ooo, nice pictures you have on your laptop. Don't disconnect; downloading now.

No that isn't a likely scenario at all. If they have your ip address it doesn't really let them do anything. Routers default to all incoming ports closed. Even if you had an application waiting on a port open, there would need to be a vulnerability in that application.

The worst that can happen generally is they can ddos you which will slow your internet speed to a crawl.

The comments here are talking about a LAN network in which case there a lot of possible ways to get data about you. If you get into someone's wifi you can do some more damage. Of course that requires them driving to your house.

@Gammit10:

Mate, i have Asperger's and OCD. You have no idea of the damage you've just caused me by saying that...

Nah. Noone can hack you.

This chip was one of 1856 that was in a PC that could destroy passwords at the speed of 20-30 times faster than a GTX980 can do.

This chip was build at 1998. Imagine what they can do now...

someone hacked my xbox 360 account couple years back. No idea how because my password was sorta hard, an uncommon word and two numbers. But after that i made my password 100x harder, its random characters and symbols, it wouldnt be possible to guess it even if you had a million years to do so, it would require pure brute force to do it.

The loser that broke into my account bought fifa digital items and stole my money that way. Another reason to hate EA for having a p2w crap in their game so people were able to steal funds and transfer digital items. I've never even played this crappy Fifa game.

I got my money refunded after a month but lost all trust in security and have bought very little on my xbox or playstation since.

What bugs me is they don't let you use long enough passwords so you have to resort to odd characters, i rather have a super long password that i can remember but would not be possible to guess. My truecrypt password is over 45 characters long, its easy to remember because its a weird phrase i memorized but added numbers to the end of it to complicate it further. One of my online banking passwords are super weak, they only let you use around 14 characters, so i randomized it best i could with words and numbers with no logic.

Another thing i'll add, i don't type in my passwords from beginning to end, i cut a portion from a text file and fill in the blanks from memory making it near impossible to guess even if i had a keylogger on my pc.

If that's the case, I apologize. I was just trying to tease. Honestly, there's a few options for you:

1. don't jump online, and access as few accounts/website as possible if you have to
2. keep your operating system up-to-date, and consider using one that has fewer viruses and malware out there, like OSX or a brand of linux
3. if you do continue to use Windows, make sure you use a well-rated anti-virus program, keep it updated, and perform a scan with it about once week or two. Do the same with anti-malware programs
4. use a password keeper program, like Crypto, lastpass, etc. to hold your other strong passwords, and use a very strong, difficult-to-guess password with at least 8 characters, numbers, capital and lower-case letters, and symbols
5. change those passwords every 6 months or so
6. keep your ears out for security breaches from different companies you frequent/buy from. If they say they may have been compromised, change your password as soon as possible

jesus dude... you need to get back on your meds then.

im being serious. seek treatment, or get back on your meds. if you are on meds, and you still feel that kind of anxiety, then you arent on the right ones and need to speak with your psychiatrist.

password length is more important than complexity.... FYI. an 8 character password with random numbers and letters is actually EASY to brute force. let this comic explain:

7. Don't access the internet with an admin account. The end.

The hacks you guys are describing are if you get the server's encrypted hash. Then you can go ham on decrypting the passwords locally. You aren't going to get the server's encrypted hash of passwords.

Trying to brute force an online web page will get your ip banned in no time. Not to mention it will be incredibly slow.

You cannot just hack someone online by knowing their ip address. That's only possible if they don't have a router + their firewall is disabled, or they have an application accepting incoming ports that has a vulnerability.

That scenario you described is not possible.

Also it is good practice to not use the same password for multiple things. I use lastpass personally.

Well if you use the year you born as a password then its really easy. Using a password that is made of numbers, letters ( both lower and upper case ) and special characters such as * and is 8-12 characters long then its next to impossible . Also it helps not using the same password everywhere You can use the same passwords on places that is not as important when hacked such as forums or gaming sites but email and services like steam is better to use a different one for each one

@goodkingmog said:

@Starshine_M2A2 said:

@Gammit10:

Mate, i have Asperger's and OCD. You have no idea of the damage you've just caused me by saying that...

jesus dude... you need to get back on your meds then.

im being serious. seek treatment, or get back on your meds. if you are on meds, and you still feel that kind of anxiety, then you arent on the right ones and need to speak with your psychiatrist.

@nicecall said:

someone hacked my xbox 360 account couple years back. No idea how because my password was sorta hard, an uncommon word and two numbers. But after that i made my password 100x harder, its random characters and symbols, it wouldnt be possible to guess it even if you had a million years to do so, it would require pure brute force to do it.

The loser that broke into my account bought fifa digital items and stole my money that way. Another reason to hate EA for having a p2w crap in their game so people were able to steal funds and transfer digital items. I've never even played this crappy Fifa game.

I got my money refunded after a month but lost all trust in security and have bought very little on my xbox or playstation since.

What bugs me is they don't let you use long enough passwords so you have to resort to odd characters, i rather have a super long password that i can remember but would not be possible to guess. My truecrypt password is over 45 characters long, its easy to remember because its a weird phrase i memorized but added numbers to the end of it to complicate it further. One of my online banking passwords are super weak, they only let you use around 14 characters, so i randomized it best i could with words and numbers with no logic.

Another thing i'll add, i don't type in my passwords from beginning to end, i cut a portion from a text file and fill in the blanks from memory making it near impossible to guess even if i had a keylogger on my pc.

password length is more important than complexity.... FYI. an 8 character password with random numbers and letters is actually EASY to brute force. let this comic explain:

ya i agree. 8 characters long no matter what symbols can be guessed fairly fast with a pc. Actually i remember cracking a .zip file password that was 7 characters long way back in 1999 with an old pc and it only took a few days. Using just a simple brute force program in dos.

Thats what bugs me with my banking password, they limit it to 14 characters. It should have no limit or at least let you use 30 characters at least. I think my xbox live had a limit also so i made it as long i could and used fairly random mix.

You have to keep in mind that WoW is not a direct connection between party members. Each person talks to the WoW servers and it is responsible for maintaining and updating the game's state. Other people's IP shouldn't be exposed because they have no reason to directly communicate with the player.

If someone were to hack your account, they'll likely do much more than pilfer a small amount of gold. It takes time and can be fairly difficult to hack through a large, mature, constantly updated software, like, WoW so they are going to need a bigger pay off than a small amount of gold.

So far you've gotten several different answers between "its really easy" and "its really hard" to answer your question. The thing is that both responses are right.

There is no such thing as a completely unhackable system. But it can be made so difficult that it makes it unreasonable or impracticable to breach to anyone that doesn't have a country's budget backing them with resources.

The problem starts to arise when an exploit is found in a system. These tends to be flaws, bugs, and oversights in the implementation of code. You can think of it like the relatively recent Heartbleed bug; that was a bug that was running around for many years before it was found out. If a hacker finds out about a certain exploit, they generally have very, very easy access into parts of the system they aren't supposed to. It can, however, take a lot of work, knowledge, and skill to find the flaws and exploits; this is not the kind of thing a random person on the internet is capable of doing.

The best thing you can do is keep all your software up to date.

@goodkingmog said:

@Starshine_M2A2 said:

@Gammit10:

Mate, i have Asperger's and OCD. You have no idea of the damage you've just caused me by saying that...

jesus dude... you need to get back on your meds then.

im being serious. seek treatment, or get back on your meds. if you are on meds, and you still feel that kind of anxiety, then you arent on the right ones and need to speak with your psychiatrist.

@nicecall said:

someone hacked my xbox 360 account couple years back. No idea how because my password was sorta hard, an uncommon word and two numbers. But after that i made my password 100x harder, its random characters and symbols, it wouldnt be possible to guess it even if you had a million years to do so, it would require pure brute force to do it.

The loser that broke into my account bought fifa digital items and stole my money that way. Another reason to hate EA for having a p2w crap in their game so people were able to steal funds and transfer digital items. I've never even played this crappy Fifa game.

I got my money refunded after a month but lost all trust in security and have bought very little on my xbox or playstation since.

What bugs me is they don't let you use long enough passwords so you have to resort to odd characters, i rather have a super long password that i can remember but would not be possible to guess. My truecrypt password is over 45 characters long, its easy to remember because its a weird phrase i memorized but added numbers to the end of it to complicate it further. One of my online banking passwords are super weak, they only let you use around 14 characters, so i randomized it best i could with words and numbers with no logic.

Another thing i'll add, i don't type in my passwords from beginning to end, i cut a portion from a text file and fill in the blanks from memory making it near impossible to guess even if i had a keylogger on my pc.

password length is more important than complexity.... FYI. an 8 character password with random numbers and letters is actually EASY to brute force. let this comic explain:

Yup, for software trying to use brute-force to guess your password, length is more important. For people trying to guess your password, variety of characters is important too. For maximum power, I recommend the maximum character use and length possible.

@XaosII@JigglyWiggly_

Thank you guys. You helped a great deal :)

I'm not sure how people hack things like WOW, but my account somehow got hacked way back while my account was de-activated.

I probably would never have known but i came back for a short 7 day trial a couple years ago just to mess around. And I noticed my bank was empty and almost all my items were gone. Blizzard somehow recovered my items even after like 3 years after this probably happened, which was an impressive feat and shows how well they backup their stuff.

What i don't get is how it happened, i had a fairly complicated confusing password so i doubt they guessed the password... i think it was made possible when blizzard made accounts merge into their blizzard.net thing. My username was a very easy thing to guess though so perhaps that was the weak point.

Anyways, you are never safe and best you can do is hope that your email is secure and your system is virus free. I recently made a brand new email address with my isp to start fresh and hopefully increase my security on some games i use.