Jamie Hughes, Lead Solutions Engineer, AuthO
As a central authentication service that processes billions of logins a month, credential stuffing attacks are the most common threats we observe. These attacks can lead to fraud, loss of reputation, and ultimately, loss of revenue.
In credential stuffing attacks, threat actors use stolen credentials from one breach to takeover users’ other accounts. This is effective because 65% of people reuse passwords across multiple accounts, according to Google. On some days, these attacks originate from more than 50,000 IP addresses and may account for as much as half of all login attempts using our platform. Even the most mature companies are vulnerable if they don’t have the right preventative measures in place.