Password spraying is an adversarial password attack technique in which a few commonly used passwords are utilized on multiple accounts. Rather than applying multiple passwords on the same account as done in a brute force attack, multiple accounts are targeted. Password spraying can help adversaries to bypass the access controls applied, which might lock the user account if multiple wrong passwords are attempted. This technique commonly targets SSO (Single Sign-On) and cloud applications.
In a password spray attack, adversaries “spray” passwords at a large volume of usernames.
With our Shadow IT Readiness Assessment, you can easily evaluate where your organization stands at the moment against Shadow IT risks. It's quick and anonymous, with instant results.