
4 Methods of Cracking a Facebook Password And Protecting Yourself Online

Regardless of the security issues that have tormented Facebook for several years, people keep joining it. As a result, Facebook has broken a number of records, with more than 1.94 billion monthly active users as of March 2017 and about 1.28 billion daily active users.

Let’s be honest: we post every inch of detail about our lives on Facebook, from our happy moments to late-night depressing thoughts, from our travel plans to our school lives. In short, everything. Clinical psychologists have published various books describing the huge influence of Facebook on our mental health, emotions and relationships with everyone.

But usually we are unaware of who’s observing our activities.

Facebook is used mainly to stay in touch with people all over the world but some use it solely for harming others. We publicize what people can use to trouble us. They are aware of every detail about our personal life. They know exactly when we are out for work and when we are at home. People can pose as us by copying our public profile photos and all the information that we give.

It is horrifying that we are becoming comfortable with modern technology without knowing that it is making us less secure on social media. We already share more than an acceptable amount of information about ourselves, including things some people should not know, and, adding fuel to the fire, they can easily access our emails and learn about the parts of our lives that we wanted to keep concealed.

Fun fact! It is not necessary for you to be a pro at hacking to access someone’s Facebook account.

This article will help you know how hackers and almost everyone can hack your account. Hang on, there’s more! You’ll also learn how to protect yourself from it.

#1 Resetting The Password

Getting into someone’s Facebook is easy as pie! We can get into anyone’s account even without knowing their password (yes, Facebook allows it). All you have to do is send a code to three friends, and as soon as you enter those codes, way to go! You are in, without any trouble. It’s just that simple.

  • First, get your friend’s Facebook email address. If you don’t know it, try looking in their contact information section. If you still can’t find it, hackers use tools like theHarvester to search for emails; with it, someone’s email address is easy to get hold of.
  • Then click "Forgotten your password?" and type in the victim’s email. Their account will come up. Click "This is my account".
  • It will ask if you would like to reset the password via the victim’s email. This won’t be possible, so click "No longer have access to these?"
  • Now it will ask "How can we reach you?" Type in an email address you have that is not linked to any other Facebook account.
  • Now it will ask you a question. If you know the answer, great; if you don’t, make a sensible guess. If you get it correct, you can reset their password. After 24 hours you can log in to their account.
  • If you are unable to guess it, click "Recover account with the help of your friends". This allows you to choose from three to five friends.
  • It will send them passwords, which you can ask them for and then type in on the next page. You can either create three to five fake accounts or ask close friends who are willing to give you that password.

Protect Yourself!

  • Use a specific email for your Facebook and don’t put it on Facebook.
  • When choosing a security question, make it as difficult as you can, because PEOPLE can be good at guessing pet names, teachers’ names etc. just by going through your profile.
  • Learn about recovering your account from friends.
  • Select three to five of your trusted friends whom you want the password to be sent to.
  • That way, your friends can’t gang up on you and get into your account.

#2 Using Keyloggers & RATs

A software keylogger is a program that can record each keystroke the user makes, without their knowledge.

The software needs to be installed manually on the victim’s computer. It automatically starts recording keystrokes when the computer is turned on and runs unnoticed in the background. The software can be set up to send a summary of all the keystrokes via email.

Hardware Keylogger

This works the same way as a software keylogger, with one difference: in this method a USB device has to be attached to the victim’s computer. This USB drive saves the data for all the keystrokes. It’s a simple way to extract data from anyone’s computer.

A variety of options are available for hardware keyloggers. Wired keyloggers like the Keyllama can be attached to the victim’s computer to save keystrokes and work on any operating system. Later, the data can be physically extracted. If you’re looking to swipe the passwords remotely, you can invest in a premium Wi-Fi enabled keylogger, which can email captured keystrokes or be accessed remotely over Wi-Fi.

Protect Yourself!

  • A firewall must be used. Information is usually transferred over the web, so a firewall would protect against any suspicious data entering your computer.
  • Installing a password manager also helps. Keyloggers are unable to steal what you don’t type, and a password manager automatically fills in important forms for you so you don’t have to type anything.
  • Keep updating your software. If there are any viruses in your software, they’ll be removed by updating.
  • Change your passwords weekly to feel safer while surfing.

#3 Phishing Attacks & Social Engineering

It is a typical but difficult way of hacking someone’s account. For this, a fake website has to be created that looks exactly the same as the Facebook login page. A link to this website can be sent to the victim via email; when he logs in using this website, all his information is transferred to the creator of the website rather than to Facebook. This method is relatively difficult because you’ll need a fake login page and a web hosting account.

The easiest way to do this would be to follow our guide on how to clone a website to make an exact copy of the Facebook login page. Then you’ll just need to modify the submit form to copy, store or email the login details the victim enters. Detailed instructions with the exact steps are available in that guide.

The chance of hacking through this method is lower nowadays, as people are taking precautions when they log in through other links, but if you clone the Facebook login page accurately there is a chance that you can succeed.

Protect Yourself!

  • Beware of clicking links in emails. Log in to Facebook directly through the main website to stay safe from harmful links.
  • Phishing can be done through various links. Even the ads you see can be malicious.
  • Don’t click on any attractive links that ask for your information.
  • Use anti-virus & web security software, like Norton or McAfee.
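The first tip above amounts to checking where a link really goes before trusting it. The following is an added example, not part of the original article: it applies that check to a few constructed sample URLs, assuming `facebook.com` is the only trusted domain and that a genuine login link always uses HTTPS.

```python
from urllib.parse import urlsplit

# Assumption: only these registered domains are treated as Facebook's own.
TRUSTED_DOMAINS = ("facebook.com",)

def link_verdict(url: str) -> str:
    """Return 'ok' or a short reason why the link should not be trusted."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return "unparseable URL"
    if parts.scheme != "https":
        return "not HTTPS"
    if not host:
        return "no hostname"
    # Anything before '@' is login info, not the site; the real host follows it.
    if parts.username is not None:
        return "text before '@' hides the real host: " + host
    for domain in TRUSTED_DOMAINS:
        # Exact match or a true subdomain; a bare suffix match would let
        # 'notfacebook.com' through, so the leading dot matters.
        if host == domain or host.endswith("." + domain):
            return "ok"
    if any(d.split(".")[0] in host for d in TRUSTED_DOMAINS):
        return "brand name inside an unrelated host: " + host
    return "unrelated host: " + host

# Constructed sample links (the .example hosts are placeholders).
SAMPLES = [
    "https://www.facebook.com/login.php",
    "http://www.facebook.com/login.php",
    "https://facebook.com.account-verify.example/login",
    "https://facebook.com@login.example/",
    "https://faceb00k.example/",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(f"{link_verdict(url):55} {url}")
```

A passing result only means the hostname belongs to the trusted domain; typing the address yourself, as the list above advises, remains the safer habit.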

#4 Man in The Middle Attack & Spoofing

Man in The Middle Attack

If you can get near your victim, you can easily trick them into connecting to a fake Wi-Fi network to steal their credentials via a Man In The Middle (MITM) attack. Tools like the Wi-Fi Pumpkin make creating a fake Wi-Fi network as easy as sticking a $16 wireless network adapter on a $35 Raspberry Pi and getting close to your target. Once the victim connects to the Wi-Fi network, you can control the traffic and redirect them to any website you choose.

You can even set it to only replace certain pages and leave other pages alone.

Protect Yourself!

  • Don’t connect to open or unencrypted Wi-Fi networks.
  • Don’t connect to WiFi networks that are out of place.
  • If you have trouble connecting to your Wi-Fi, look at your list of nearby networks to see if there are any copies of your network name nearby.
  • If your router asks you to enter the password for a firmware update to enable the internet or shows you a page with major spelling or grammar errors, it is likely you’re connected to a fake hotspot and someone nearby is trying to steal your credentials.
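The checks in the list above (open networks, copies of your own network name) can be run over a list of nearby networks. The following is an added example, not part of the original article: the scan records, SSIDs and BSSIDs are constructed sample values, and it assumes you have written down your own access point's hardware address (BSSID) and security mode in advance.

```python
from collections import defaultdict

# Constructed scan results; SSIDs and BSSIDs are made-up sample values.
SCAN = [
    {"ssid": "HomeNet", "bssid": "02:00:00:aa:bb:01", "security": "WPA2"},
    {"ssid": "HomeNet", "bssid": "02:00:00:CC:DD:02", "security": "OPEN"},
    {"ssid": "CoffeeShop", "bssid": "02:00:00:11:22:03", "security": "OPEN"},
    {"ssid": "Neighbour", "bssid": "02:00:00:33:44:04", "security": "WPA2"},
]

# Assumption: your own access point(s), recorded beforehand.
KNOWN = {"HomeNet": {"bssids": {"02:00:00:aa:bb:01"}, "security": "WPA2"}}

def review_scan(scan, known):
    """Return a list of (ssid, bssid, reason) findings for a scan."""
    by_ssid = defaultdict(list)
    for ap in scan:
        by_ssid[ap["ssid"]].append(ap)

    findings = []
    for ssid, aps in by_ssid.items():
        mine = known.get(ssid)
        for ap in aps:
            bssid = ap["bssid"].lower()
            if mine is None:
                # Not your network: only warn when it is unencrypted.
                if ap["security"] == "OPEN":
                    findings.append((ssid, bssid, "open network"))
                continue
            # Same name as your network but a different radio.
            if bssid not in mine["bssids"]:
                findings.append((ssid, bssid, "unknown copy of your network name"))
            # Same name but weaker or different protection than you set up.
            if ap["security"] != mine["security"]:
                findings.append((ssid, bssid, "security differs from your network"))
    return findings

if __name__ == "__main__":
    for ssid, bssid, reason in review_scan(SCAN, KNOWN):
        print(f"{ssid:12} {bssid}  {reason}")
```

Mesh systems and range extenders legitimately broadcast one name from several BSSIDs, so list all of your own devices in `KNOWN`; a matching BSSID is also not proof of authenticity, because hardware addresses can be copied.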
