Credential Stuffing Prevention

Credential stuffing is a type of cyberattack where malicious bots or scripts perform large-scale automated login attempts using stolen or leaked username-password pairs from previous data breaches. These attacks can lead to unauthorised access, data theft, fraudulent transactions, and content manipulation.

MaxiSafe helps prevent credential stuffing by detecting and blocking abnormal login behaviour and automated access patterns. By enforcing access control policies and mitigating automated login attempts, it reduces the risk of account takeover and ensures secure, uninterrupted access for legitimate users.

Steps:

1. Go to AI-WAF > Advanced Protection.
2. Click Brute Force Protection and create a brute force rule.
3. Configure your website login page path, username and password parameter names, and configure the detection frequency.
4. Under Action, select Block to prevent mass login attempts.