Many hackers enter computer systems simply by guessing passwords, and with the top passwords of 2012, 2013 and 2014 being password, 123456 and 12345678, we’re not exactly making things difficult for them! (of 40 million Adobe account passwords leaked online, 2 million were 123456).
Increases in computer processing power makes cracking your password that much easier and faster.
However, even the best and strongest passwords can eventually be defeated mathematically given enough time and computer processing power. Whilst the use of strong passwords acts as a firm deterrent against password guessing attacks, and buys additional time against other attacks, where possible, you’ll want to look at using two-factor authentication – that is something you know (a password), and something you have (ie. a mobile phone).
When you login to a site that supports two-factor authentication (such as a bank), you’ll enter your password, and a one time generated code generated via either a text message or an app on your phone. As codes are generally refreshed every minute, even if a hacker had obtained your password, they wouldn’t have your one time password.