That FBI report on credential stuffing finally got me to change my passwords

I always thought I was safe because I used different passwords for my bank and email. Then I read that 80% of data breaches involve weak or reused passwords, and they found over 15 billion credentials on the dark web from places like LinkedIn and Adobe. Saw that stat in a Krebs on Security article last Tuesday and it hit me that even my "different" passwords were just variations of the same thing. Anyone else have a reality check from one of those breach reports?

3 comments

3 Comments

nancy8171mo ago

Well I still reuse passwords and haven't had one problem yet.

taylor121mo ago

I see your point @nancy817, but I've been burned by that logic before. It's not about whether you've had a problem yet, it's about how quickly everything can fall apart when one site gets hacked and suddenly someone has your email and that same password. Even if the site you reused it on seems safe, data breaches happen all the time and you might not even know about it until it's too late. One compromised account can lead to someone getting into your bank or your work email before you can change anything. Just takes one bad day to make all those years of not having a problem not matter at all.

robert_bell1mo ago

Yeah but that's kind of like saying you don't need insurance because you haven't crashed yet. The whole point is you won't see it coming until it's already a mess.