How Auth Attacks Work and How to Protect Against Them

This video is from our Workforce Security Awareness Training. SPOTO trainer Keith Barker explains how to find out where and when your email address was compromised.
Millions of username and password combinations are released onto the internet with every data breach or hack. According to Have I Been Pwned, there are currently more than five billion compromised accounts.
These credentials are unlikely to be worth anything on the site where they were stolen. Companies reset passwords and notify their users when there is a breach. Most people use the same password to access multiple websites. An auth (or authentication attack) is used to determine if you have used the same password for multiple sites.
Learn how to become a security expert with SPOTO’s Cybersecurity Training
Start trainingWhat is an Auth attack?
An auth attack is when malicious actors use a computer to validate a list usernames and passwords against a website login.
They create lists of stolen password combinations and then attempt to log in to websites using the passwords. Auth attacks are not like brute force attacks, where hackers attempt multiple password combinations for a single username. Instead, they only attempt a username and password once on a website.
Malicious actors want to know if you are using the compromised password frequently. If you do, they will attempt to repackage the data and sell it to another malign actor or use it to compromise other accounts.
Your Adobe account information could have been compromised in 2013, for example. Adobe quickly reset your password so that an attacker couldn’t access it. The attacker still has access to one of your passwords. If you used the same password to access your LinkedIn account, the attacker will have access to it.
Here’s the thing about auth attack scripts. Auth attack scripts can’t steal data, steal money or alter settings. The computer program logs out immediately if it finds a password that works. Its sole job is to determine if a password is active. Once it has done that, it is done.
You might be thinking, “So, What?” The attacker will likely try your credentials on many other websites. If the program finds you used the same password on Netflix, LinkedIn, or Facebook, there’s a good possibility that you used it elsewhere, such as your bank account or retail accounts.
Are auth attacks dangerous?
Yes. Yes. Although auth attacks can be used to access and exit accounts instantly, they are designed to steal your password.
How can you protect yourself against auth attacks?
Auth attacks are very easy to stop. There are three ways to stop even the most sophisticated auth attack:
Find out if your passwords are compromised. SPOTO trainer Keith Barker demonstrates how to use Have You Been Pwned in our Workforce Security Training to determine if your email address is still available.
For each website, use a different password. It’s easy for people to forget password diversity when there are so many logins. According to a Mashable survey, 87 percent of people use the same password on multiple websites. This leaves you vulnerable to hacker attacks.
Use two-factor authentication. Many online services require two-factor authentication (2FA) or offer it. When you log in to your account with 2FA, you will be asked to enter a number via text message, phone call, or app. 2FA should protect your most important accounts.
How to improve your online security
Opportunist attackers are common. Malicious actors don’t spend too much time attacking one account, despite the abundance of data breaches that are available on the internet. They aren’t trying break into a car to hotwire it. They will be looking for the car with an engine running.