PayPal says crooks poked around 35,000 accounts in credential stuffing attack

This report says “That passwordless option is looking really good right about now” — Well, they seem to have forgotten that WHAT IS REMOVED CANNOT SERVE.

“What is removed can never be attacked” is true, and “what is removed can never serve” is also true. The latter is often forgotten. Soldiers and passwords, that are not there and therefore can never be attacked, would never be able to serve.


You are invited to spend several minutes on “How to not see our weak digital identity further weakened”



Hitoshi Kokumai

Advocate of ‘Identity Assurance by Our Own Volition and Memory’, Inventor of Expanded Password System and Founder of Mnemonic Identity Solutions Limited in UK.