There are endless ways that hackers gain access to systems and computers. They'll use a mixture of real world and technological tools to get what they want. There are also dozens of reasons why a hacker does what they do, whether it's for fun, profit, or to make a statement.

Good news: most hackers don't care about you! At least not individually. It's rare that someone with the know-how is going to park outside your home, hack into your network, gain access to your computer, and see what they can do. In general, it's not worth the effort. For that reason, most hackers will make things easier on themselves by going after dozens to thousands of targets at once. The most common hack that affects end-users is one that involves lists and robots - scripts that use a known database of information to try and gain access to various services.

Lets look at an example: several years ago, a company named Gawker Media was hacked. Gawker runs a dozen blogs on various subjects, and they let users create accounts on their sites so they could comment on the articles that were posted. A group hacked Gawker's site and stole their database of user accounts and passwords, then put that online for anyone to download. Nefarious groups will take lists like these and feed them to their robots, pointing them at other websites to see if the same username and password can be used to log into anywhere else. Usually they get a very small percentage of hits, but when you get lists with hundreds of thousands of users on it, you don't need many, particularly if you're letting a script do the work.

It's not the end of the world if your user commenting account on Gawker was compromised, because you could just change your password and your account didn't have anything important in it anyway. But what if you used the same email address and password on another, more important site, like Amazon or PayPal?

Now we get to the moral of the story: password variation. Everyone needs to use unique passwords on all their sites. It's not enough to use one complex password, because as I've explained that password could end up in a text file on the web if it's used at a website that gets hacked at some point. Please read this post on my favorite password management service.

LastPass, however, still needs you to choose a single secure password to connect to just that service. My best advice for choosing a secure password is to read this web comic, then use this service.