Password Sniffing is a hacking technique that uses a special software application that allows a hacker to steal usernames and passwords simply by observing and passively recording network traffic. This often happens on public WiFi networks where it is relatively easy to spy on weak or unencrypted traffic.
And yet, password sniffers aren’t always used for malicious intent. They are often used by IT professionals as a tool to identify weak applications that may be passing critical information unencrypted over the Local Area Network (LAN). IT practitioners know that users download and install risky software at times in their environment, running a passive password sniffer on the network of a business to identify leaky applications is one legitimate use of a password sniffer.
As you can imagine, in the hands of an unscrupulous administrator this can could lead to serious problems. Generally, such activities should be sanctioned by a senior leader in the company and the use of this software should be governed by more than one individual to prevent the abuse of any findings.
Source: Techopedia, SSH
Additional Reading: Protecting against the Next Great Heist by Encrypting Data in Transit
Related Terms: Packet Sniffing, Wireshark
SMB owners don’t need to learn what a Password Sniffer is, but they do need to employ someone who does. Protecting your SMB from Password Sniffers means you need a vCISO or a security focused Managed Service Provider (MSP) or Managed Security Services Provider (MSSP) worrying about this for you.
There are simple “ounce of prevention” measures you must take as a business owner which will proactively prevent the “pound of cure” reaction when something goes wrong. Hackers are out there using Password Sniffers to break into your company. Proactively prevent this by leveraging a vCISO, CyberHoot, or both!
Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.
Newly discovered Android banking Remote Access Trojan (RAT), dubbed Klopatra, has compromised more than 3,000...
Read more
In June 2025, KNP Logistics Group, a transport company in the UK with 500 trucks and nearly two centuries of...
Read more
Vulnerability scanning and it's human led partner penetration testing (aka "pentesting") are excellent and...
Read moreGet sharper eyes on human risks, with the positive approach that beats traditional phish testing.
