January 2019 Account Lockouts and Forced Resets Over Credential Stuffing
- Vector: credential-stuffing
- Severity: moderate
- Records exposed: A large group of accounts locked and forced to reset passwords (count not disclosed)
- Data exposed: No new Reddit breach; attackers attempted logins using credentials reused from other sites
- Discovered: 2019-01-09
- Disclosed: 2019-01-10
- Date: 2019-01-10
What happened
In January 2019 Reddit again locked a large group of accounts and triggered forced password resets after spotting unusual login activity consistent with credential stuffing. An admin (Sporkicide) explained that the most common cause was very simple passwords or reused credentials harvested from other sites' breaches, rather than any compromise of Reddit itself. Users with poor password hygiene were temporarily locked out and asked to reset before regaining access. Reddit urged affected users to pick strong, unique passwords and to enable two-factor authentication. The episode echoed the company's 2016 credential-stuffing response and followed its 2018 breach disclosure.