![\"\"](\"https:\/\/www.mdis.edu.sg\/blog\/wp-content\/uploads\/2020\/08\/lock_circuit_board_bullet_hole_computer_security_breach_thinkstock_473158924_3x2-100732430-large-1024x683.jpg\")
<\/figure>\n\n\n\nNow, many of you reading this\nmight disagree and say that your social media account providers or your\ninternet banking services have the latest security measures and promised to keep\nyou and your data safe. So what\u2019s there to worry about? True enough, many\ncorporations do have existing security measures set in place to keep your\naccounts safe, preventing your accounts and passwords from being attacked by malicious\nhackers. <\/p>\n\n\n\n
But, are your passwords different from one another? Do all\nof your accounts use a different, unique password each containing a different\npassphrase? <\/p>\n\n\n\n
If the answer is no, you are indirectly putting your\naccounts at risk<\/em>.<\/strong><\/p>\n\n\n\n Many internet users online use weak or duplicates of their passwords for different accounts across the web. Usually due to being more convenient as well as being less of a hassle coming up with new and strong passwords over and over for every single online account. <\/p>\n\n\n\n Having duplicate passwords on multiple accounts might put you at risk in the form of password attack known as Credential Stuffing.<\/p>\n\n\n\n Credential stuffing is the\nautomated injection of breached username\/password pairs in order to\nfraudulently gain access to user accounts. Large numbers of spilled credentials\nare automatically entered into websites until they are potentially matched to\nan existing account, which the attacker can then hijack for their own purposes.\n(OWASP, 2020)<\/p>\n\n\n\n For example, a particular user\nhas accounts on Gmail, Facebook, Instagram and an online shopping account each\nsharing the same ID and Password. The online shopping website might have been\nunsecured and your shopping account credentials got leaked. Here\u2019s where the\nattacker will strike.<\/p>\n\n\n\n Anatomy of Attack (OWASP,\n 2020)<\/strong><\/p>\n\n\n\n Botnet* – A botnet is a collection of\ninternet-connected devices infected by malware that allow hackers to control\nthem.<\/p>\n\n\n\n Credential Stuffing can be prevented if proper measures are\ntaken. According to Owasp, here are the methods of prevention. (OWASP, 2020)<\/p>\n\n\n\n Credentials and account security should be your\nresponsibility too.<\/p>\n\n\n\n If proper security measures are taken and malicious websites\nare avoided. You too can avoid being a victim of Credential Stuffing. <\/p>\n","protected":false},"excerpt":{"rendered":" You are your biggest security breach. As of April 2020, there are 4.57 billion active internet users online, 4.2 billion unique mobile internet users, 3.81 billion active social media users and 3.76 billion active mobile social media users which brings us to a grand total of 16.34 billion users (Statista, 2020). Considering that there are 7.77 billion\u00a0(WorldoMeter, 2020) people living in the world, that\u2019s twice the number of the entire human population on earth. These 16.34 billion users have different accounts and passwords that could potentially be breached by hackers. Now, many of you reading this might disagree and say […]<\/p>\n","protected":false},"author":293,"featured_media":2551,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[24,10],"tags":[],"_links":{"self":[{"href":"https:\/\/www.mdis.edu.sg\/blog\/wp-json\/wp\/v2\/posts\/2548"}],"collection":[{"href":"https:\/\/www.mdis.edu.sg\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mdis.edu.sg\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mdis.edu.sg\/blog\/wp-json\/wp\/v2\/users\/293"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mdis.edu.sg\/blog\/wp-json\/wp\/v2\/comments?post=2548"}],"version-history":[{"count":2,"href":"https:\/\/www.mdis.edu.sg\/blog\/wp-json\/wp\/v2\/posts\/2548\/revisions"}],"predecessor-version":[{"id":2556,"href":"https:\/\/www.mdis.edu.sg\/blog\/wp-json\/wp\/v2\/posts\/2548\/revisions\/2556"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.mdis.edu.sg\/blog\/wp-json\/wp\/v2\/media\/2551"}],"wp:attachment":[{"href":"https:\/\/www.mdis.edu.sg\/blog\/wp-json\/wp\/v2\/media?parent=2548"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mdis.edu.sg\/blog\/wp-json\/wp\/v2\/categories?post=2548"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mdis.edu.sg\/blog\/wp-json\/wp\/v2\/tags?post=2548"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}One password for multiple accounts.
<\/h4>\n\n\n\n![\"\"](\"https:\/\/www.mdis.edu.sg\/blog\/wp-content\/uploads\/2020\/08\/Dont-Use-Same-Passwords.jpg\")
<\/figure>\n\n\n\n![\"\"](\"https:\/\/www.mdis.edu.sg\/blog\/wp-content\/uploads\/2020\/08\/anatomy-credential-stuffing-1024x389.jpg\")
<\/figure>\n\n\n\nCredential Stuffing. What is it and how does it affect me?<\/h4>\n\n\n\n
How do I prevent this?<\/h4>\n\n\n\n