What is Credential Harvesting?
The practice of collecting login credentials through phishing pages, data breaches, malware, or social engineering.
Credential harvesting is the first step in most account takeover attacks. Attackers collect usernames and passwords through various methods.
Methods
- Phishing: Fake login pages that capture credentials
- Data breaches: Stolen databases with hashed or plaintext passwords
- Keyloggers: Malware that records keystrokes
- Man-in-the-middle: Intercepting credentials on insecure networks
- Password spraying: Trying common passwords across many accounts
- Social engineering: Convincing people to reveal credentials directly
Scale
- Billions of credentials are available on dark web marketplaces
- Automated tools test stolen credentials across hundreds of services
- Credential databases are traded, combined, and enriched over time
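As an added defender-side example that is not part of the original glossary page, the following Python detects the password-spraying pattern listed under Methods (one source, few tries each against many accounts) in auth logs and lists accounts that then logged in from that source; the log format, the thresholds and the function names are assumptions, and the sample log is constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth log (not real): one source fails once against five accounts, then logs in as a sixth.
SAMPLE_LOG = """\
2024-03-01T10:00:01Z FAIL user=alice src=203.0.113.5
2024-03-01T10:00:02Z FAIL user=bob src=203.0.113.5
2024-03-01T10:00:03Z FAIL user=carol src=203.0.113.5
2024-03-01T10:00:04Z FAIL user=dave src=203.0.113.5
2024-03-01T10:00:05Z FAIL user=erin src=203.0.113.5
2024-03-01T10:00:06Z OK user=frank src=203.0.113.5
2024-03-01T10:01:00Z FAIL user=alice src=198.51.100.7
"""
LINE_RE = re.compile(r"^(\S+) (FAIL|OK) user=(\S+) src=(\S+)$")

def parse_line(line):
    """Return (timestamp, result, user, src) for one line, or None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
    return ts, m.group(2), m.group(3), m.group(4)

def detect_spraying(log_text, window=timedelta(minutes=10), min_users=5):
    """Map each source to the accounts it failed against once it has hit
    `min_users` distinct accounts inside `window`. Few tries against many
    accounts is the spraying signature; brute force on one account is not."""
    fails = defaultdict(list)  # src -> [(ts, user)]
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed and parsed[1] == "FAIL":
            fails[parsed[3]].append((parsed[0], parsed[2]))
    flagged = {}
    for src, events in fails.items():
        events.sort()
        start = 0
        for end in range(len(events)):  # sliding time window over failures
            while events[end][0] - events[start][0] > window:
                start += 1
            users = {u for _, u in events[start:end + 1]}
            if len(users) >= min_users:
                flagged[src] = sorted(users)
                break
    return flagged

def logins_from_flagged(log_text, flagged):
    """Accounts that logged in from a flagged source: likely compromised, reset them."""
    return sorted({p[2] for p in map(parse_line, log_text.splitlines())
                   if p and p[1] == "OK" and p[3] in flagged})
```

In production the same logic runs over the identity provider's sign-in events, with the window and account threshold tuned to the normal failure rate of the tenant.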
Protection
- Use a unique password for every account
- Use a password manager to generate and store passwords
- Enable FIDO2/WebAuthn (phishing-proof)
- Enable TOTP 2FA where FIDO2 isn't available
- Monitor Have I Been Pwned for your email addresses
Related Terms
Credential Stuffing
An automated attack that uses stolen username/password pairs from one breach to try logging into other services, exploiting password reuse.
Keylogger
Malicious software or hardware that records every keystroke typed on a device, capturing passwords, messages, and sensitive information. Keyloggers can be installed through malware, physical access, or malicious browser extensions.
Phishing
A social engineering attack where attackers impersonate legitimate entities through fake emails, websites, or messages to trick victims into revealing sensitive information like passwords, credit card numbers, or personal data.
Social Engineering
Psychological manipulation techniques used to trick people into revealing confidential information or performing actions that compromise security. Social engineering exploits human trust rather than technical vulnerabilities.