#1243092: Reddit locks out users with poor password hygiene after spotting 'unusual activity'

Description: Some Redditors have been locked out of their accounts over a mysterious security problem that the internet forum's admins have blamed on people reusing old passwords.

Precisely what has happened, or whether Reddit itself has suffered a hack or data breach, is not yet known, only that the website described it as a "security concern".

However, a thread posted by Reddit admin Sporkicide squarely blamed the all-encompassing forum's users for bad password hygiene.

Credential-stuffing attacks are where compromised usernames and passwords harvested by hackers from one site are tried on other sites to see whether they work. One easy way of avoiding this is to not reuse login credentials across different websites.

"Over the next few hours, affected accounts will be allowed to reset their passwords to be unlocked and restored. This will take the form of either a notification to the account (yes, you'll be able to log in to get it) and/or an email to any support ticket you've already sent in," continued Sporkicide's post.

Another possible reason for an enforced password reset could be a compromise of users' login credentials from the site operator. There is no evidence in the public domain either way, however.
More info: https://www.theregister.co.uk/2019/01/10/reddit_password_reset/

Date added Jan. 11, 2019, 6:27 a.m.
Source The Register
Subjects
  • Latest Global Security News
  • Reddit