People might have this question on their head now, is that easy to hack password? No it is not.
1. There is only way to hack ur password without phishing means its called brute force.
2. Brute force means, doing a parallel attack or series of attack with multiple known passwords.
3. It is not that easy to do brute force attack on some websites or application to hack ur accounts.
4. If you do brute force, you might end up getting your IP permanent block and that certain account gets into secure stage, "some kind of two step verification to login."
5. Then those accounts are only allowed to login after a email confirmation from the account owner.
There are is another technique to crack password using brute force is called password HASHING.
There are different types of password hash are used in database encryption methods. If you know the right hash method and password hash, sure you can crack it, but there is another tricky part is. You need a very very powerful graphics adapters or hashing hardware.
For more information, google this >> hashcat
There is more to cover, but i don't want to go that deep to cover this topic.