A few days ago, Roku subscribers were shocked to discover that some of their accounts had been compromised. There were a lot of elements that caused the hacks to occur, including Roku's security measures not being up to par to prevent hacking attacks. However, the main cause of the attack was due to what's called "credential stuffing," where a hacker takes account information leaked elsewhere and tries the same username and password combination on other websites.

Fortunately, credential stuffing is something you can protect yourself from with relative ease. In fact, it has never been easier to protect yourself from a credential stuffing attack.

Password managers make using unique passwords a breeze

You don't even have to remember them

If you log into a lot of different websites and services, it can be really hard to remember every single account credential you've ever set. As such, people tend to make one "master password" that they then repeat across every website. It's a convenient way of ensuring they're never locked out of an account, but the problems arise when the account details leak online. Once this happens, the hacker has a master key for all that person's accounts; all they have to do is repeat the same username and password on multiple websites and see if they get a hit.

The easiest way to mix up your passwords without having to remember them all is by using a password manager. These managers can automatically generate and save strong and secure passwords for you to use with your accounts. Whenever you want to create a new account, just ask the password manager to generate a new one and use it during the sign-up process. When you visit the website again, the password manager will fill in the details for you. Some password managers will even check if your accounts have leaked online.

Of course, password managers themselves require an account, which in turn means you need a username and memorable password to log into the manager and use your saved passwords. But all you need to do is remember that one password and you can unlock all of your account details. Keep that one password safe, and you shouldn't be a victim of credential stuffing.

Creating memorable yet unique passwords doesn't have to be difficult

A good choice if you're not a fan of password managers

As you might imagine, password managers can be a double-edged sword. Sure, all you need to do is log in once, and you gain access to every account you've ever made...but the same can be said for anyone else. If someone uses your PC, or a hacker manages to get into your personal password manager account, then they also gain access to all of your online accounts. As such, some people have an understandable aversion to using password managers, feeling they might be putting all their eggs into one basket.

Fortunately, there are ways to create a strong yet memorable password for each account. The key is to make a good "base password," something that you'll always remember no matter what. Then, you add a unique identifier depending on the website you're logging into. When you go to log into the account, you remember the base password, then the identifier that you set for the website, and combine the two together to get your login information.

For example, let's say you set the password "TechIsGreat87." If you want to sign into Facebook to talk to your friends, you can set your password to "TechIsGreat87Friends". If you're signing into your online shopping account to do the week's groceries, you can use "TechIsGreat87Groceries" as your password. The base doesn't change, but you add a memorable identifier somewhere within the password related to the website. It's a good idea not to use the website's name (i.e. "TechIsGreat87Facebook") because it makes it easy for a hacker to work out what the unique identifier is.

Strong passwords are important, but so is variety

It can feel like a catch-22; you need your passwords to have lots of letters, symbols, and numbers to be strong, but they also have to be memorable so you can use them to log on, but they also have to be unique for every website. As such, some people resort to using the same password across every website, which leaves them susceptive to credentials stuffing. Fortunately, you don't need to memorize every password you set like you're studying for an exam; instead, either using a password manager or creating variants of a base password should help keep you secure without being a pain to remember.