Re: dropbox security situation
Hi,
8 déc. 2019 à 14:47 de jhasler@newsguy.com:
> Do you use the same username everywhere? It's common for criminals to
> collect lists of usernames and try them in combination with guessed
> passwords on as many services as possible. The yield is low but it's
> cost-effective for them because the process is fully automated using
> thousands of bots and many people use poor passwords.
>
It's called Password Reuse attacks or Password stuffing btw if you want to get more information about it.
I've seen last week that some tools like PAF Credentials Checker (https://github.com/kindredgroup/paf-credentials-checker) are developped to detect potential use cases/occurrences to help mitigating the risks.
Usual advice : use strong passwords (i.e. long enough with high entropy => generated&stored in a dedicated password manager) AND 1 different per service, never the same.
Best regards,
l0f4r0
Reply to: