nullpay.
Back to toolkit
IdentityIntermediate20 minall

The Username Graph

Risk

The risk

Why this matters

Reusing usernames across platforms creates a public link graph. OSINT tools like Sherlock and Maigret automate this in seconds. Passwords get all the attention, but usernames are the overlooked attack surface — they're public by design.

Setup guide

How to set it up

  1. 1

    Check your exposure: search your main username on namechk.com or knowem.com

  2. 2

    For new accounts: use a unique, unrelated username per service

  3. 3

    Use a password manager to track which username goes where

  4. 4

    For existing accounts: prioritize changing usernames on sensitive services first

Go further

For power users

Run Sherlock against your own usernames to see what an attacker would find. Systematically migrate high-risk accounts to unique handles.