Security of a web service is of upmost importance to both the operators of the service and its users. As more people utilize the Internet to communicate, conduct business transactions, and utilize other services, more threats to website security arise. Website owners, insurers, hosting services, and others involved in the provision of a web service typically strive to create a robust security infrastructure for a website to prevent nefarious individuals from compromising the site. However, despite these security precautions, a website could still be subject to intrusions by computer hackers, malware, viruses, and other malicious attacks. Websites may be vulnerable to security breaches for a variety of reasons, including security loopholes, direct attacks by malicious individuals or software applications, and other security threats.
With every security breach on a web service, user credentials such as usernames, passwords, credit card numbers, and other personal information may be stolen. To avoid the hassle of remembering different username and password combinations, account owners typically reuse the same credentials across different web services. Thus, if attackers get access to account credentials, even if specific to a single website, they often try using them on as many sites as possible. There is a good likelihood that these unauthorized users will gain access to several accounts on other sites that have not actually suffered any past security breaches. Such breaches, even if on a third party site, affect the legitimate account owners as well as the reputation of the site.