Password Spraying Attack
Alternative Forms
Low and Slow Attack
Spray-Password Attack
Definitions
Definition 1
From commonly used passwords. Or built from public sources on system users, e.g. employees.
Contrast with Password Brute-Force Attack.
Preferred or targets:
Systems using Single Sign-On (SSO) to gain access to multiple resources
Systems using federated authentication protocols as this may help to avoid detection
Email accounts
Password Spraying may be used as an initial attack and/or for lateral movement.
Possible countermeasures:
Alternatives to password authentication
Multi-Factor Authentication (MFA)
Multi-Step Verification (MSV)
Password complexity
Related Terms
Attack
HyperonymBrute Force Attack
HyperonymCredential Stuffing
HyponymHeap Spraying
Password
Quotes
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Bibliography
See Also
-
P, 2018 (Bibliography)
-
Password Spraying Attack (Dictionary)
-
Rahav, 2019 (Bibliography)
