What are the risks of reusing the same passwords?

Credential stuffing is the name of an automated attack that takes the compromised credentials from one leak/site and uses them to break into user accounts from other services/sites that use the same username and password. A credential stuffing attack can make hundreds of attempts on dozens of websites in a matter of minutes.

Passwords are typically obtained by cybercriminals through data breaches and phishing.

Say I use the same password to sign up on website A and on website B because it’s easier for me to remember. Then, say a week later, my credentials for website B are compromised. Well, website A isn’t any safer than website B. And if my attacker is smart, they’ll try my credentials on website A and several other sites.

Worse, even if I’m eventually notified from website B that my credentials are compromised (I may never be notified), there’s a good chance I won’t think about website A, or C, or D, etc. even though they’re all compromised.

#cybersecurity #security #privacy #cybersecurityawareness