Here’s what credential stuffing is and how it’s possible for you to easily protect yourself against it.
ThisCybersecurity Awareness Weekarticle is brought to you in association withIncogni.
What Is Credential Stuffing?
Jason Fitzpatrick / How-To Geek
There are all manner of cyberattack vectors out there, ranging from the profoundly simple to the profoundly sophisticated.
Here’s how it works and how it can personally affect you.
Let’s say you, like millions of other internet users, have dozens of accounts across various services.
You also have several high-value/high-risk logins, like the logins for your email, bank, etc.
Hopefully, your bank and your email provider have excellent security.
But the same can’t be said for that car forum or that coupon site.
What happens when someone exploits those sites and steals all the user data?
Now they have your username, most likely your email, and your password.
It might even fire up the door to your folks' place, too.
How Can I Protect Myself Against Credential Stuffing?
Every site and service gets a unique password, with no exceptions.
Enter the password manager.
But it’s a fantastic way to add an additional layer of security to your accounts.
Purge Old Accounts to Reduce Risk
If you’re not using an account, delete it.
But if you’re not using an account, there’s no real reason to keep it around.
When it’s possible for you to,delete unused accountsfor services you no longer care about.
The short of it is this.
Keep your primary email address private and sling a unique email at them.
The hackers don’t get firstname.lastname@gmail.com.
Instead, they get somerandomstring@some-alias-provider.com, which provides no credential stuffing value to them.
However you approach the problem, don’t lose sight of the first and most important tip we shared.
The sooner you start using them, the better.
