Credential Stuffing Attack

What is Credential Stuffing Attack?

Credential Stuffing Attack is a type of cyberattack in which the hacker collects breached account credentials (usernames or email addresses and the corresponding passwords), and uses them to gain unauthorized access to user accounts through large-scale automated login requests directed against a web application.

Suppose you have an email account abc@xxx.com and the password is Abc?123@ (relatively complex). For easy memory management and account access, the same email and password are used on multiple websites A, B, C, D, etc.

If this email and password are hijacked, the hackers will try to use them to log in to accounts on various other websites. This means that your accounts registered with the same email and password on websites A, B, C, D, etc. will be easily stolen. If you have assets in the accounts, they might be stolen too.

 

How to avoid Credential Stuffing Attack?

1. CoinEx strongly recommends binding 2FA to avoid credential stuffing attacks.

2. Avoid setting passwords that are too simple and easy to guess.

3. Avoid using the same email address and password for account registration.

4. Change your password regularly.

Disclaimer: The content provided on this website is for informational purposes only and does not constitute investment advice. The information provided is not intended to be a substitute for professional financial advice, consultation, or recommendations. Users are encouraged to consult with a qualified financial advisor before making any investment decisions. The website owners and authors do not assume any liability for any loss or damage that may result from reliance on the information provided. All investments carry risk, and past performance is not indicative of future results.