Skip to main content
search

What is Credential Stuffing?

By November 4, 2020October 21st, 2025Jargon Busters1 min read

Tom Ellson

Tom is experienced in enabling JUMPSEC clients to achieve their security objectives and improve their resilience to a cyber attack. Tom understands where technical weakness and business risk intersect, ensuring clients maximise return on investment.

Thom explains credential stuffing.

Thom from our technical team gives an explanation of what credential stuffing is

https://www.youtube.com/watch?v=7IsvyGRniMs

Video transcript:

When professionals mention credential stuffing attacks, what they are usually referring to is the process of brute-forcing username-password pairs into applications in order to get a valid login.

For an attacker, this process can be automated to iterate through hundreds of thousands of credentials – perhaps captured from data breaches – to find a correct username-password pair. Valid combinations may be used by attackers to conduct fraud, or as a way of discovering passwords a user is likely to use – this information can then be used on yet more services.

Jumpsec logo transparent

Jumpsec Limited is a limited company registered in England and Wales under company number: 08327063

Follow Us

Contact Us

0333 939 8080
[email protected]

Open 24 Hours

Navigation

Home
Careers
Leadership Team
Penetration Testing
Red Teaming
Purple Teaming
Continuous Attack Surface Management
Contact

Find Us

Unit 3E – 3F, 33 – 34 Westpoint, Warple Way, Acton W3 0RG

Find us on Google Maps

Join Us

Interested in a role at JUMPSEC? Email [email protected]

©2026 Jumpsec | All Rights Reserved | Cookies Policy | Privacy PolicyTerms & Conditions | Sitemap

×

Under attack? Call our 24/7 Incident Response Hotline now

Get in touch with an accredited Incident Response experts who can help you contain, recover and mitigate attacks.

0333 987 4048

For regular switchboard please
contact - 0333 939 8080