NamePros, the largest domain forum, warns its visitors that “credential stuffing” attacks are on the rise. The forum’s operators are advising its members:
If you use the same password on multiple websites, change it now.
What are credential stuffing attacks anyhow?
According to Wikipedia, credential stuffing is a type of cyberattack where stolen account credentials typically consisting of lists of usernames and/or email addresses and the corresponding passwords are used to gain unauthorized access to user accounts.
The attack is facilitated through large-scale, automated login requests directed against a web application, or web site.
To counter the possibility of becoming the victim of a credential stuffing attack, the solution is simple: don’t reuse the same passwords across multiple applications and web sites.
NamePros has a detailed example with suggestions on password generation principles right here.
Thanks for helping spread the word! We appreciate it.