10 Billion passwords leaked: What will hackers discover with yours?

Protect your enterprise from credential stuffing attacks with SquareX

A few days ago, a massive leak of 10 billion passwords hit the internet, making it the largest collection ever. The only people who are not sweating from this news are those who believe in a monogamous one-password-to-one-account relationship. As we speak, hackers are using these passwords for credential stuffing attacks, where they try the same credentials on many different web applications, banking on the fact that people frequently reuse passwords.

When a vast trove of passwords becomes public, attackers can use automated tools to test these credentials across various websites and services, hoping to find matches. If successful, they can infiltrate sensitive systems, steal valuable data, and cause extensive damage. The consequences can range from financial loss and operational disruption to severe reputational harm.

Enterprises cannot control the security of the third-party applications that employees are using for work-related tasks, which may not always adhere to stringent security standards. Even if an organization enforces strong password policies internally, it cannot guarantee the same level of security across all third-party platforms employees might use.

Given the limitations in controlling third-party applications, enterprises can instead implement SquareX to actively monitor and prevent password reuse. As an in-browser solution, SquareX can detect when an employee attempts to reuse a password before the form even hits the network layer.
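
To illustrate the kind of submit-time check described above, here is an added example; it is not SquareX's code and not part of the original post. The class and method names are hypothetical, sites are told apart by hostname as a simplifying assumption, and it uses Node's `crypto` module so it runs stand-alone (a browser extension would use Web Crypto instead).

```javascript
// Added example: submit-time password-reuse check. Names are hypothetical.
const nodeCrypto = require('node:crypto');

class PasswordReuseGuard {
  constructor(secret = nodeCrypto.randomBytes(32)) {
    this.secret = secret;   // per-install key, kept apart from the fingerprint store
    this.seen = new Map();  // fingerprint (hex) -> Set of hostnames using it
  }

  // Store a slow, keyed fingerprint, never the password or a bare hash.
  fingerprint(password) {
    const pw = password.normalize('NFKC');
    return nodeCrypto.scryptSync(pw, this.secret, 32).toString('hex');
  }

  // Assumption: a "site" is the URL's hostname. A real deployment would
  // compare registrable domains so login.example.com and example.com match.
  static site(url) {
    return new URL(url).hostname.toLowerCase();
  }

  // Call from the form's submit handler, before the request is sent.
  check(url, password) {
    const site = PasswordReuseGuard.site(url);
    const fp = this.fingerprint(password);
    const sites = this.seen.get(fp) || new Set();
    const others = [...sites].filter((s) => s !== site);
    if (others.length > 0) {
      // Report only a count so the prompt does not disclose other sites.
      return { allowed: false, reason: 'password-reuse', reusedOn: others.length };
    }
    sites.add(site);
    this.seen.set(fp, sites);
    return { allowed: true };
  }
}

// Constructed sample submissions (not real sites or credentials).
function runDemo() {
  const guard = new PasswordReuseGuard();
  return [
    ['https://mail.example.com/login', 'correct horse battery'],
    ['https://mail.example.com/login', 'correct horse battery'],  // same site: ok
    ['https://crm.example.net/signin', 'correct horse battery'],  // reuse: blocked
    ['https://crm.example.net/reset', 'a-different-passphrase'],  // after reset: ok
  ].map(([url, pw]) => guard.check(url, pw).allowed);
}

console.log(runDemo());
```
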

If you’ve been reading the blogs so far you know the drill — create a new ‘Identity’ policy and prompt the AI policy generator with “Block password reuse”. Voila!

SquareX’s AI Generated policy to block password reuse

Now, when employees reuse a password from another site, they will be blocked from moving forward. Even if they have an account created previously that is reusing a password from another site, they will have to reset the password to move forward.

Sleek, ey? A quick demo can be viewed here:

For more demos on how SquareX can help protect your organisation against identity attacks, check out https://sqrx.com/usecases/identity-attacks

Reach out to us if you are interested! Email us at [email protected]


10 Billion passwords leaked: What will hackers discover with yours? was originally published in SquareX Labs on Medium, where people are continuing the conversation by highlighting and responding to this story.

*** This is a Security Bloggers Network syndicated blog from SquareX Labs - Medium authored by Engineering @ SquareX. Read the original post at: https://labs.sqrx.com/10-billion-passwords-leaked-what-will-hackers-discover-with-yours-2ed0abb61b71?source=rss----f5a55541436d---4