Q: What is "credential stuffing"?

A The process where users reuse the same username/password combination across multiple sites.
B The process where stolen account credentials (usernames and/or email addresses and the corresponding passwords). mostly from a data breach are used to gain unauthorized access
C The process wherein an application stores used passwords and prevents a user from using the last three passwords used.

Share this MCQ

Answer: B

Explanation:

Correct option:
The process where stolen account credentials (usernames and/or email addresses and the corresponding passwords), mostly from a data breach, are used to gain unauthorized access.

Explanation:
Credential stuffing is a type of cyberattack where attackers use stolen account credentials (username and password pairs) from one data breach to try and gain unauthorized access to users' accounts on other websites. This works because many people reuse the same login credentials across multiple services. If attackers have access to a breached dataset, they can automate login attempts on various websites, hoping to find users who have reused their credentials.

Identification, Authentication and Authorization

Share Above MCQ

‹ Previous Next ›

Write your comment

Learn More MCQ Questions from Authentication Identification, Authentication and Authorization

Q: What is "credential stuffing"?

Report Question