What it is
Password spraying is an attack technique where adversaries try a small set of common passwords (for example, Welcome123) across many different user accounts instead of repeatedly targeting one account. This spreads the attempts out to evade lockout controls and alert thresholds that trigger when a single account is hammered.
Why it matters
Password spraying is difficult to detect and frequently succeeds in organizations with weak password policies or missing multi-factor authentication. One successful login can give attackers access to email, internal portals, or cloud services, and often becomes a stepping stone to broader compromise.
How to reduce risk
- Enforce strong, unique password policies and avoid common defaults.
- Enable multi-factor authentication (MFA) for all user and admin accounts.
- Monitor authentication logs for low-and-slow login patterns across many users.
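As an added illustration of the last point (example code written for this page, not taken from any product or vendor), the script below scans a constructed authentication log for the spray shape: one source address failing against many distinct accounts inside a time window while keeping each account below a per-account lockout count. The log format, the IP addresses, the account names and the thresholds (`window`, `min_users`, `max_per_user`) are all assumptions made for the example; real deployments would read from their own log source and tune the thresholds to their lockout policy.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample authentication log (made up for this example; not from
# any real system). One event per line:
#   <ISO-8601 timestamp> user=<account> src=<source IP> result=<success|failure>
# 203.0.113.10  : spray shape, one failure each against six accounts, then a success
# 198.51.100.7  : brute force against a single account (not a spray)
# 192.0.2.5     : ordinary user mistyping a password twice, then logging in
SAMPLE_LOG = """\
2024-05-01T09:00:01 user=alice src=203.0.113.10 result=failure
2024-05-01T09:07:45 user=bob src=203.0.113.10 result=failure
2024-05-01T09:15:02 user=carol src=203.0.113.10 result=failure
2024-05-01T09:22:19 user=dave src=203.0.113.10 result=failure
2024-05-01T09:30:33 user=erin src=203.0.113.10 result=failure
2024-05-01T09:38:50 user=frank src=203.0.113.10 result=failure
2024-05-01T09:41:07 user=frank src=203.0.113.10 result=success
2024-05-01T09:05:00 user=admin src=198.51.100.7 result=failure
2024-05-01T09:05:02 user=admin src=198.51.100.7 result=failure
2024-05-01T09:05:04 user=admin src=198.51.100.7 result=failure
2024-05-01T09:05:06 user=admin src=198.51.100.7 result=failure
2024-05-01T09:05:08 user=admin src=198.51.100.7 result=failure
2024-05-01T10:00:10 user=alice src=192.0.2.5 result=failure
2024-05-01T10:00:25 user=alice src=192.0.2.5 result=failure
2024-05-01T10:00:40 user=alice src=192.0.2.5 result=success
"""


def parse_line(line):
    """Parse one log line into (timestamp, user, src, result)."""
    ts_str, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return datetime.fromisoformat(ts_str), kv["user"], kv["src"], kv["result"]


def detect_spray(log_text, window=timedelta(hours=1), min_users=5, max_per_user=2):
    """Flag sources whose failures inside any span of length `window` touch at
    least `min_users` distinct accounts while no single account sees more than
    `max_per_user` failures: many accounts, few tries each, which is exactly
    the pattern that stays under per-account lockout thresholds.

    Returns one dict per flagged source, sorted by source address.
    Thresholds are illustrative assumptions, not recommended values."""
    events = sorted(parse_line(l) for l in log_text.splitlines() if l.strip())
    failures = defaultdict(list)   # src -> [(ts, user), ...] in time order
    successes = defaultdict(list)  # src -> [ts, ...]
    for ts, user, src, result in events:
        if result == "failure":
            failures[src].append((ts, user))
        else:
            successes[src].append(ts)

    findings = []
    for src, fails in failures.items():
        best = None
        left = 0
        for right in range(len(fails)):
            # Shrink the window from the left until it spans at most `window`.
            while fails[right][0] - fails[left][0] > window:
                left += 1
            per_user = Counter(user for _, user in fails[left:right + 1])
            if len(per_user) >= min_users and max(per_user.values()) <= max_per_user:
                if best is None or len(per_user) > best["distinct_users"]:
                    start = fails[left][0]
                    best = {
                        "src": src,
                        "distinct_users": len(per_user),
                        "max_failures_per_user": max(per_user.values()),
                        "window_start": start.isoformat(),
                        # A success from the same source after the spray began is
                        # the "one successful login" that warrants escalation.
                        "followed_by_success": any(t >= start for t in successes[src]),
                    }
        if best:
            findings.append(best)
    return sorted(findings, key=lambda f: f["src"])


if __name__ == "__main__":
    for finding in detect_spray(SAMPLE_LOG):
        print(finding)
```

Run against the sample, only 203.0.113.10 is reported: six accounts, one failure each, and a later success from the same source. The single-account brute force from 198.51.100.7 is deliberately not matched here, because per-account lockout already covers that case; the point of this detector is the cross-account pattern that lockout thresholds miss. Keying on source address is a simplification: attackers may rotate addresses, so production rules often also group by user-agent, ASN or other session attributes, and a low `max_per_user` should be set just under the lockout count so the detector catches exactly what lockout does not.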