jspωiki
Password Reuse

Overview#

Password Reuse is the concept from that is recommended by information security experts have using a unique password for every individual site on which Traditional Registration is required.

Password Reuse is, within a restricted Context part of the Password Modification Policy

With an average of 130 accounts registered to one Email Address in the United States, it's not surprising that 73% of users have duplicate passwords. Expecting a User to remember 130 different passwords would be extremely difficult for anyone — and probably send Password Recovery requests through the roof.

Password Reuse across multiple Password-based services is common. According to a 2018 study of nearly 30 million users and their passwords, password reuse and modifications were common for 52% of users. The same study also found that 30% of the modified passwords and all the reused passwords can be cracked within just 10 guesses. This behavior puts users at risk of being victims of a breach Replay attack. Once an Attacker gets hold of a Credential Leaked Databases, they can try to execute a breach replay attack. In this attack, the actor tries out the same credentials on different services to see if there is a match.

In 2019 Microsoft's threat research team checked over 3 billion credentials and found a match for over 44 million Azure AD and Microsoft Services Accounts.

More Information#

There might be more information for this subject on one of the following: