Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown
Online security and privacyVPN for your company networkPassword managementBusinessBusiness password solutionsEncryption with cloud storage
home
Password spraying

Password spraying

(also password spraying attack, low-and-slow brute force attack)

Password spraying definition

A brute force attack that tries one popular password against many accounts instead of using different passwords on one account. Password spraying avoids account lockout from unsuccessful attempts, letting criminals operate undetected.

Real password spraying examples

Attacking company networks with predictable username conventions (such as name.lastname)

Attacking username lists obtained on the Dark Web

Attacking IMAP servers to spy on the email of higher-ranking staff

Stopping a password spraying attack

  • Always change your default password
  • Never use dictionary words or popular phrases as passwords
  • Create strong and unique passwords for every account
  • Use a password manager to keep track of complex passwords
  • Set up multi-factor authentication

Further reading

NordPass password manager: Next-level password security
What is a brute force attack?

Ultimate digital security

We value your privacy

This website uses cookies to provide you with a safer and more personalized experience. By accepting, you agree to the use of cookies for ads and analytics, in line with our Cookie Policy.