Stuffing Hacking Technique – What is it and How to Protect Your Devices from it? 


Stuffing is one of the most dangerous ways that online threat actors have been using to hack the retail industry, the hospitality sector, and the travel industry. In fact, shocking data by multiple reports have indicated that a whopping 100 billion credential stuffing hacking took place between July 2018 – June 2020 and about 63 billion of those belonged to the travel, hospitality, and the retail sector. 

The one thing that went wrong between 2018-2020 was the COVID pandemic. More than half the businesses that used to be offline suddenly erupted on the online platform. This created an entire new pool of unprotected devices for hackers and they misused the vulnerability in every which way they could. 

That said, stuffing that emerged as the biggest threat is basically carried out by many hackers. What they do is find out a very very long list of email IDs and passwords. While those are random, they still belong to users. Hackers then use every single possible combination of those accounts and passwords and that’s how they’re able to get unauthorized access into many devices. 

Whether it’s facebook or instagram or any other social networking site or search engine, every single one of them were affected. And the worst part was that it was usually the fault of the users of those sites and unaware employees that led to security breaching. Having said that, there were and still are ways to protect your devices and that of the company when working from home. Some of those precautions and techniques that can be adopted by individual users as well as companies are as follows.  

  1. Password Hygiene Practice

This one technique is for users. Your devices are most vulnerable in case the backdoor password is weak. So, making it strong by practicing clean techniques is recommended. 

Here’s what you need to do. 

  1. Do not ever repeat an old password that you once had. This is something that hackers exploit in stuffing attacks. 
  2. No two devices should be given a similar password no matter how strong and long or random the password is. 


  1. Using Password Manager App

Writing down passwords in unencrypted files is one of the biggest reasons that hackers are able to get their hands on all the passwords at once. Which is why experts recommend using password manager apps. These are encrypted software that can be used to save many passwords in a very safe way. In this way you have to remember just one password that is the password of the app itself. 

  1. Using MFA Backdoor Protection Technique

This one is highly recommended for organizations that mostly have remote working employees. When MFA is enabled in a device, the access to the system can only be attained when all the factors for authentication are cleared. Clearly, just a backdoor password will not allow hackers to enter inside the system in these cases. 

All in all, there are many options that can protect you from falling in the hands of hackers. All you have to do is trust and follow what the security experts suggest.