Password spraying, translated directly as "password spraying attacks," refers to a so-called horizontal password guessing, where one or a couple of common and funny passwords are used to try logging in to multiple different user accounts. In this way, the accounts do not get locked out as individual accounts only receive one or a couple of login attempts.

The attack is quite simple and proceeds in the following stages:

Get a list of usernames that are guessed.

Choose a pair of common passwords (123456, password, etc).

Try one password at a time for each different username.

Password Spraying attacks

Passwords are terribly insecure for an awful lot of reasons, but still necessary. A dangerous combination!

Passwords are unbelievably insecure for a number of horrifying reasons, but still necessary. A dangerous combination!

Passwords must die

Password Spraying attacks

Password spraying

Attack

Exercise

Ready to become an ethical hacker?
Start today.

Password Spraying attacks

Password spraying

Attack

Exercise

Ready to become an ethical hacker?Start today.

Ready to become an ethical hacker?
Start today.