When it comes to stuffing, everyone has their favorite, right? Well, cyber criminals do, too. It’s something known as “Credential Stuffing.” For anyone who has ever reused a password between different accounts, could be a recipe for disaster!
It’s something many people admit to doing: They reuse the same password across a few different services.
Not judging you if you’ve done it. It’s easy to see why thousands of people do this every day. It feels like an easy way to get signed up to something. If you reuse a password, you won’t have to go through the hassle of trying to remember it, and needing to reset the password in the future.
However. You only have to do this once, and you’re at big risk of something hackers are very thankful for, credential stuffing.
This is where hackers get hold of millions of real usernames and passwords. These typically come from the big leaks we hear about in the news. And then they try all those details to see if they can login to other digital services. They use bots to stuff the credentials into the login box, hence the name.
Because it’s automated, they can sit back until their software manages to log into an account… and then they can do damage or steal money. Stats suggest that 0.1% of breached credentials will result in a successful login to another service. The best way to protect yourself against this kind of attack is to never, ever reuse passwords.
Use a password manager to generate long random passwords, remember them for you and auto fill them. The less hassle for you, the less likely you are to reuse a password. Consider giving a password manager to each of your staff as well.
And if you know you have reused passwords in the past, then you should really change all your passwords on all active services, just to be safe.
Knowledge is Power!
Sign Up to Receive Our FREE “Cyber Security Tip of the Week”
No Catch. No Obligation. Just week after week of timely tips to keep you one step ahead of hackers.