Credential Theft: How the Attack Landscape has changed and What You can do about it