Password spraying

📟 It’s a simple hacking technique.

💸 Yet it created a lot of damage to companies around the world.

🏢 Even some top multinational tech companies were its victims!

*What is Password Spraying?*
🔓 In this technique, an attacker tries to access an account using a list of common and easy-to-guess passwords.

➡️ For example, easy passwords like serial numbers (1234, 123456,..) or using their first name as their password etc.

🤔 Doesn’t it sound like a brute force attack that we’ve seen in one of our previous posts?

✅ Yes, Password Spraying is a variant of brute force attack.

🔗 In a brute force attack, the attacker targets only a particular user ID. Whereas, in password spraying, the attacker picks a password and tries it on multiple user IDs.

🛡️ _*Password Spraying* cannot be stopped, but it can be detected and prevented sometimes with the right tactics and tricks.

💡 *QUICK TIP*: Length of the password is more important than the complexity of the password. So use longer passwords.