Glossary
PASSWORD SPRAYING
defined.
An attack that tries one or a few common passwords against many accounts — designed to avoid per-account lockout policies.
A–Z
An attack that tries one or a few common passwords against many accounts — designed to avoid per-account lockout policies.
Password spraying is the #1 starting point for cloud account compromise. Detection comes from anomalous authentication patterns (one source, many accounts, low password-per-account ratio) and adaptive MFA.
See our web application penetration testing, API security testing, network penetration testing, and cloud security audit services for how we test for and defend against this class of issue.
30-minute call with an OSCP-certified engineer. Tailored proposal in 24 hours.