Password spraying definition
Password spraying is a brute-force attack that tries one popular password against many accounts instead of trying many different passwords against one account. Because the failed attempts are spread across accounts, password spraying avoids the account lockout that repeated unsuccessful attempts would trigger, letting criminals operate undetected.
Real password spraying examples
- Attacking company networks with predictable username conventions (such as name.lastname)
- Attacking username lists obtained on the Dark Web
- Attacking IMAP servers to spy on the email of higher-ranking staff
Stopping a password spraying attack
- Always change your default password
- Never use dictionary words or popular phrases as passwords
- Create strong and unique passwords for every account
- Use a password manager to keep track of complex passwords
- Set up multi-factor authentication
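
Because spraying stays under per-account lockout thresholds, defenders look for it from the other direction: one source failing against many different accounts with only a few attempts each. The following is an added example, not part of the original page; the event format, addresses, usernames and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (ISO timestamp, source IP, username, success).
USERS = ["anna.smith", "ben.jones", "cara.lee", "dev.khan", "eva.ruiz", "finn.wong"]
SAMPLE_EVENTS = (
    # One source, one failed try per account: the spraying pattern.
    [(f"2024-05-01T09:{m:02d}:00", "203.0.113.7", u, False)
     for m, u in enumerate(USERS)]
    # One source hammering one account: classic brute force, caught by lockout.
    + [(f"2024-05-01T09:00:{s:02d}", "198.51.100.9", "anna.smith", False)
       for s in range(8)]
    # A user mistyping twice, then logging in: benign.
    + [("2024-05-01T09:05:00", "192.0.2.15", "gia.patel", False),
       ("2024-05-01T09:05:20", "192.0.2.15", "gia.patel", False),
       ("2024-05-01T09:05:40", "192.0.2.15", "gia.patel", True)]
)


def detect_spray(events, window=timedelta(minutes=30),
                 min_accounts=5, max_per_account=2):
    """Return {source: [usernames]} for sources whose failed logins inside
    a sliding time window hit many accounts with few tries per account."""
    failures = defaultdict(list)
    for ts, src, user, ok in events:
        if not ok:
            failures[src].append((datetime.fromisoformat(ts), user))

    flagged = defaultdict(set)
    for src, rows in failures.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Shrink the window until it spans at most `window` of time.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            counts = defaultdict(int)
            for _, user in rows[start:end + 1]:
                counts[user] += 1
            # Wide (many accounts) and shallow (few tries each) = spray.
            if len(counts) >= min_accounts and max(counts.values()) <= max_per_account:
                flagged[src].update(counts)
    return {src: sorted(users) for src, users in flagged.items()}


if __name__ == "__main__":
    for src, users in detect_spray(SAMPLE_EVENTS).items():
        print(f"possible spray from {src}: {len(users)} accounts targeted")
```

The thresholds and the per-source grouping are assumptions to tune against your own authentication logs.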