/ myki

The Rising Threat of Credential Stuffing

It’s one of the fastest-growing segments of cybercrime and one of the simplest cyber attacks to execute - but also one of the easiest to protect yourself from.

From Zoom to Disney+ to Nintendo, all sorts of companies have reportedly been the targets of what are known as credential stuffing attacks, resulting in many users having their accounts compromised and taken over by hackers. This happens 87 million times a day in the US alone.

What is credential stuffing?

To execute a credential stuffing attack, a cyber criminal first needs to get their hands on a large database of stolen credentials, which are conveniently available for sale on the Dark Web - no hacking required.

Using some automation tools, the attacker can then test every single one of those millions of usernames and passwords on a site of their choosing. There's a good chance that some of those credentials might actually work there too and give them even more accounts to add to their collection.

The only reason this type of attack even works in the first place is because people have the unfortunate habit of reusing the same password across multiple accounts.

For example, if you have an account on one site (like LiveJournal), and you use the same password on all your other accounts, a cyber criminal with access to a database of credentials from that site could effectively use it to compromise the rest of your accounts, provided that they all use the same exact username and password.

What can you do?

The solution is rather simple: stop using the same password for all your accounts. Don’t wait for a data breach to be your wakeup call, be proactive and give each of your accounts its own strong and unique password.

Enabling 2FA wouldn’t hurt either, as it adds an extra layer of security to your account that a hacker just can't bypass, even if they already have your password.

This can easily be done with the MYKI Password Manager and Authenticator. Use the Security Dashboard to identify which of your accounts have weak or reused passwords, then easily create better ones for them using the built-in password generator. MYKI also functions as a 2FA authenticator, allowing you to manage both your passwords and 2FAs from one place.

Download the MYKI app on mobile or desktop today and start taking control of your digital identity.

The Rising Threat of Credential Stuffing
Share this