Credential Stuffing

Protect your online accounts from credential stuffing threats.

“Credential Stuffing” has emerged as a leading cyber threat against your financial, retail, social media and email accounts. This is a technique used by cyber criminals to try to gain unauthorized access to your digital accounts. By using lists of stolen user names and passwords from previous data breaches, cyber criminals randomly try to log in to websites and social media accounts in the hope that individuals set up those same user names and passwords for some of their other online accounts. This threat is real and it is on the rise. It works because many individuals do not follow best practices when creating login credentials. 

Reduce Your Risk of Becoming a Victim of “Credential Stuffing”

To reduce your risk of being a victim of “credential stuffing”, follow the best practices below:
  • Do choose different user IDs and passwords for your online accounts.
  • Do choose strong passwords.
  • Do change passwords regularly.
  • Do turn on two-factor authentication when offered.
  • Do Not reuse passwords across your online accounts.
  • Do Not reuse user IDs across your online accounts.
  • Do Not use your email address as your user ID.
  • Do Not use easy, guessable passwords; try substituting special characters for certain letters.
  • Do Not utilize your Facebook login to access financial websites.
  • Do Not use the same password for your online and social media accounts.
  • Do Not respond to phone, email or text requests for personal or confidential information.