Credential Stuffing: A Security Epidemic

How can you mitigate or prevent these attacks?

Published December 2017

Faced with evergrowing concerns over application and data integrity, organizations must prioritize identity protection in their security strategies. In fact, safeguarding the identity of users and managing the level of access they have to critical business applications could be the biggest security challenge organizations face.

In a credential stuffing attack, cybercriminals turn to the dark web to purchase previously stolen usernames and passwords. They then make repeated attempts with automated tools to “stuff” the login fields of other websites with the credentials to gain access to accounts held by corporate users or customers. How can you prevent, or at least mitigate, these attacks?