Breaches to popular websites like Facebook and Twitter have resulted in stolen user login information for millions of users. These stolen passwords are now available for sale on the dark web. There have been so many data breaches like these that it is just a bad idea to use the same password for many logins. IT security experts have warned people about this practice for years. Unfortunately, many people refuse to take to steps to correct this problem.
Password strategies to prevent credential stuffing attacks
One great strategy to avoid this risk is to use a password manager application. Check out my recent post on this topic. In short, a password manager is an application that stores your passwords in one, secure location. You only need to remember one master password to access all the other passwords stored in the program.
There are other strategies for creating unique, secure passwords. Writing them in a notebook is safer than using the same password over and over. Short passwords are easy to hack so come up with a phrase or a few words strung together. Make it even more secure by adding a number and special character.
We all use many websites that require logins and remembering those can be difficult. A simple strategy is to create a password and just string the website name onto it. For instance, a secure password for Amazon could be “5$FishingPoleAmazon.” You could use this on every website and just replace the “Amazon” part with Facebook, Twitter or other website names. This strategy is much more secure than using the exact same password over and over.
This successful credential stuffing attack will lead to others. The way towards prevention is by developing better password habits. Try to find time to implement a secure password strategy for your logins.