Password Compromise
last modified 2008-04-09 14:14
Passwords can be compromised, guessed or revealed in a number of ways.
Attackers use programs that guess passwords; this technique is commonly termed "cracking". Users also give away their passwords, either as victims of social engineering or knowingly to colleagues, for instance because they are unaware of appropriate ways to share documents. Keyloggers capture everything typed, including passwords.
In the event of a password compromise:
- Change user passwords. Change all passwords on the system if a privileged password has been compromised. Consider following the recommendations for handling an Intrusion.
- Catalog access to other resources and data at the University. This applies to resources accessed through the Rutgers Central Authentication Service (CAS) as well as other University hosts accessed regularly. More than one password may have been compromised by the same method.
- Counsel users to change other passwords such as those for online banking and other Internet services. Multiple credentials may have been stolen from the same user. Further, consider that University passwords may have been compromised on a home (or other non-RUNet) host along with other user credentials.
- Advise users of password policies as described in the Acceptable Use Policy for Computing and Information Technology Resources and the Guidelines for Interpretation and Administration of the Acceptable Use Policy for Computing and Information Technology Resources.
- Discuss appropriate data sharing methods with users.
- Refer to the Computer Security Incident Handling Guide for further advice on Handling Unauthorized Access Incidents.
- Review procedures for Compromise of Confidential or Sensitive Data.