By NHI Mgmt Group Editorial TeamDomain: Governance & RiskSource: AuthsignalPublished October 21, 2025

TL;DR: Credential stuffing still succeeds because attackers reuse breached credentials at scale, with success rates of 0.1% to 4%, while AI agents are helping them bypass CAPTCHAs and mimic legitimate behaviour, according to Authsignal. The real defence is to move beyond static login flows toward adaptive authentication and passkeys, not to rely on rate limiting alone.


At a glance

What this is: This is a practitioner guide on why credential stuffing keeps working and which authentication controls change the outcome, especially adaptive MFA, behavioural checks, and passkeys.

Why it matters: It matters because account takeover risk sits at the intersection of human IAM controls, bot-driven abuse, and emerging AI-assisted evasion, so teams need controls that respond to risk rather than replay password-era assumptions.

By the numbers:

👉 Read Authsignal's analysis of how to stop credential stuffing in 2025


Context

Credential stuffing is a volume attack against human identity, not a password policy problem. Attackers use breached username and password pairs from other incidents and test them across services until they find accounts that still trust reused credentials and static login flows.

The governance gap is that many programmes still treat login as a one-time event rather than a continuously evaluated risk decision. That leaves identity teams trying to defend against bot behaviour with controls designed for legitimate users, which is why adaptive MFA and passkeys keep surfacing as the practical response.


Key questions

Q: How should security teams reduce credential stuffing risk without making login unusable?

A: Use adaptive authentication, not blanket friction. Step up only when risk signals suggest replay or automation, such as a new device, impossible travel, or abnormal login frequency. Then remove shared secrets where possible by prioritising passkeys, which eliminate the credential reuse pattern attackers depend on.

Q: Why do reused passwords still create such a large account takeover problem?

A: Because attackers do not need to guess passwords when they can replay credential pairs stolen elsewhere. Even a low success rate becomes material at scale when millions of combinations are tested simultaneously. The issue is not password complexity alone, but the organisation's willingness to keep accepting reusable secrets.

Q: How do teams know whether MFA is actually stopping credential stuffing?

A: Look beyond prompt volume and measure whether suspicious logins are challenged at the right time. Good MFA should correlate with lower takeover rates, fewer successful replays, and fewer resets from abused accounts. If legitimate users are inconvenienced while attackers still get through, the control is mis-tuned.

Q: What is the difference between adaptive MFA and passkeys for account protection?

A: Adaptive MFA changes the challenge based on risk, while passkeys remove the reusable password that stuffing depends on. Adaptive MFA limits abuse during sign-in, but passkeys reduce the attack surface itself. Most teams need both, with passkeys as the structural fix and adaptive MFA as the transition control.


Technical breakdown

Why credential stuffing defeats static authentication controls

Credential stuffing works because the attacker does not need to break a password, only to reuse one that already works elsewhere. Static controls such as simple rate limiting, fixed MFA prompts, and IP-based blocking often fail because the attack is distributed, low-and-slow, and frequently appears as a single attempt per account. That means the signal is weak unless identity systems evaluate context such as device reputation, velocity, geolocation, and prior user behaviour. In practice, the weakness is not authentication itself but the assumption that every login attempt deserves the same response.

Practical implication: build login decisions around risk signals, not fixed challenge rules.

Adaptive MFA and push authentication as risk-based controls

Adaptive MFA introduces conditional verification, meaning the system only steps up when the login looks unusual. Push authentication is useful here because it can give low-friction access to recognised users while forcing extra verification when the risk profile changes. The technical value comes from linking policy to signals such as a new device, impossible travel, repeated failures, or unusual login frequency. Without that linkage, MFA becomes either too weak to stop takeover or too annoying to use consistently.

Practical implication: tune MFA to trigger on context changes that indicate credential replay or bot use.

Passkeys remove the shared secret that credential stuffing depends on

Passkeys replace reusable passwords with public-key cryptography bound to the originating domain. The server stores only the public key, while the private key stays on the user’s device, so there is nothing for attackers to reuse across sites after a breach. That changes the attack model entirely: credential stuffing stops being a viable path because there is no shared secret in circulation. The operational advantage is that security and usability improve together instead of trading off against each other.

Practical implication: prioritise passkeys for customer and workforce journeys where password reuse is the dominant takeover risk.


Threat narrative

Attacker objective: The attacker wants to turn already-compromised credentials into unauthorized account access at scale, then monetise the resulting account takeover or downstream fraud.

  1. Entry occurs when attackers load stolen username and password pairs from breach dumps into automated tooling and test them across many websites and apps at scale.
  2. Escalation happens when bots evade CAPTCHAs, spoof IP sources, and blend into normal login traffic until a reused credential succeeds.
  3. Impact follows when the attacker reaches a valid account, enabling account takeover, fraud, data access, or further abuse of trusted identity sessions.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.


NHI Mgmt Group analysis

Password reuse is still the fuel source for credential stuffing. The article's core finding is not that attackers are clever, but that organisations continue to tolerate the same reusable-credential pattern across consumer and workforce login journeys. That makes credential stuffing a governance failure as much as an authentication failure, because the underlying identity policy still accepts shared secrets as normal. Practitioners should treat password reuse as a lifecycle and access-risk issue, not just a help desk nuisance.

Adaptive authentication is the point where identity control becomes contextual. Static MFA asks the same question every time, while adaptive MFA asks whether this session looks consistent with the expected user, device, and location pattern. That matters because credential stuffing is now shaped by mature bot infrastructure and, according to the source, AI agents that can bypass CAPTCHAs and mimic legitimate behaviour. Practitioners should stop measuring MFA by prompt count and start measuring its ability to challenge abnormal access paths.

Passkeys collapse the shared-secret attack surface that stuffing depends on. This is the named concept that matters here: shared-secret trust debt. Password-based systems accumulate reuse risk across services, and every breached credential list increases that debt until the next takeover event. Passkeys remove the cross-site reuse condition rather than trying to manage it forever. Practitioners should read this as a control-model shift, not a feature preference.

Identity teams need to align bot resistance with user experience, not oppose them. The article shows that passkeys can improve both security and usability, which matters because failed authentication programmes often lose when the user path is too cumbersome. If a control only works when users tolerate friction, attackers usually get a long enough window to keep winning. Practitioners should focus on controls that reduce attacker success without expanding legitimate user abandonment.

Credential stuffing is becoming an AI-assisted abuse pattern, not just a password attack. The mention of AI agents matters because it signals a broader shift in adversary capability, where automation can improve evasion, scale, and behavioural realism. That does not make the actor autonomous in the identity-model sense, but it does raise the bar for detection and challenge logic. Practitioners should assume the next wave of stuffing will look more human, not less.

From our research:

What this signals

Shared-secret trust debt: credential stuffing is the human identity version of the same structural problem NHIs face when static credentials outlive their intended use. As password reuse continues to feed account takeover, identity programmes should expect pressure to replace secrets with phishing-resistant authentication and stronger session-level risk evaluation. The control question is no longer whether MFA exists, but whether the login model still depends on reusable trust.

Passkeys change the economics of abuse by removing the replayable credential from the workflow, which means security teams can spend less effort chasing every bot and more effort shrinking the target surface. For broader context on shared-secret risk, the Ultimate Guide to NHIs, Static vs Dynamic Secrets is a useful reference point because the same governance logic applies across humans, service accounts, and other non-human identities.


For practitioners

  • Replace fixed MFA with adaptive step-up policies Trigger additional verification only when signals change, such as a new device, unusual geography, abnormal login velocity, or repeated failures followed by success. Keep the policy tied to identity risk, not to a universal prompt for every session.
  • Prioritise passkeys for high-reuse login journeys Move customer and workforce populations that generate the most reset traffic or account takeover exposure to passkeys first. Use the reduction in shared-secret dependence to shrink the credential stuffing attack surface before broader password retirement.
  • Treat bot evasion as an identity control problem Combine device fingerprinting, behavioural signals, and login telemetry so that a single low-confidence attempt does not look the same as normal use. The goal is to detect replay at the session edge, not after account compromise is complete.
  • Measure authentication by takeover resistance, not login convenience alone Track account takeover rates, challenge success, reset volume, and sign-in completion together. A control that reduces friction but leaves reused credentials exploitable has not improved identity security.

Key takeaways

  • Credential stuffing remains effective because organisations still accept reused credentials and static login flows as normal.
  • The evidence points to a clear shift in defence: adaptive MFA reduces abuse at the point of entry, while passkeys remove the shared secret that makes replay possible.
  • Identity teams should measure takeover resistance and replay suppression, because login convenience alone does not prove that access is secure.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

OWASP Non-Human Identity Top 10 and MITRE ATT&CK address the attack and risk surface, while NIST CSF 2.0, NIST SP 800-63 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

FrameworkControl / ReferenceRelevance
OWASP Non-Human Identity Top 10NHI-01Credential stuffing is enabled by reused or exposed credentials in NHI and consumer identity flows.
NIST CSF 2.0PR.AC-1Adaptive authentication aligns with identity verification before granting access.
NIST SP 800-63SP 800-63BPasskeys and phishing-resistant authentication map directly to digital authenticator guidance.
NIST Zero Trust (SP 800-207)Zero trust requires continuous verification rather than trust based on prior login success.
MITRE ATT&CKTA0006 , Credential Access; TA0001 , Initial AccessCredential stuffing is an initial access pattern driven by credential access and replay.

Reduce credential replay risk by replacing reusable secrets and tightening login challenge logic.


Key terms

  • Credential Stuffing: Credential stuffing is an account takeover technique that reuses username and password pairs stolen from other breaches. The attacker automates large-scale login attempts across many sites, relying on password reuse rather than breaking encryption or guessing secrets one by one.
  • Adaptive Authentication: Adaptive authentication changes the verification challenge based on context, such as device, location, behaviour, or login frequency. It is a risk-based approach to access control that reduces friction for expected users while increasing scrutiny when the login looks unusual.
  • Passkey: A passkey is a phishing-resistant authentication method based on public-key cryptography. The private key stays on the user's device and the public key is stored by the service, which removes shared secrets from the login process and blocks credential replay across sites.
  • Account Takeover: Account takeover is the unauthorised control of a legitimate user account after an attacker successfully authenticates or otherwise bypasses identity controls. It is often the downstream result of credential stuffing, phishing, or session abuse, and it can lead to fraud, data exposure, and further privilege misuse.

What's in the full article

Authsignal's full article covers the operational detail this post intentionally leaves for the source:

  • Step-by-step guidance for tuning adaptive MFA policies around risk signals such as device, location, and login frequency.
  • Practical comparison points between push authentication, behavioural biometrics, and passkeys for different user journeys.
  • Implementation detail on how passkeys affect account recovery, help desk load, and sign-in friction in production environments.
  • Concrete deployment examples for teams moving from password-based login to phishing-resistant authentication.

👉 Authsignal's full article covers adaptive MFA, behavioural checks, and passkey adoption detail.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building or maturing an identity security programme, it is worth exploring.
NHIMG Editorial Note
Published by the NHIMG editorial team on July 11, 2026.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org