Password Spraying

How to detect and mitigate Password Spraying

Password Spraying is a technique that attackers leverage to guess the password of an account. By trying a small number of highly common passwords against large numbers of accounts while also staying below an organization’s defined lockout threshold, the attacker can compromise accounts without any elevated privileges and likely without detection.

    Stealthbits’ Password Spraying Solution

    Stealthbits’ products provide a multitude of ways to detect and mitigate Password Spraying.

    Detect Password Spraying Attack

    Detection of Password Spraying is possible by looking for patterns that indicate password guessing is taking place across numerous accounts.

    APPROACH #1

    Bad User ID Attacks

    DESCRIPTION

    Monitor for attempts to authenticate using non-existent user accounts. Many times, password spraying tools will attempt to guess account names rather than attacking a list of known accounts.

    PRODUCT: StealthDEFEND

    APPROACH #2

    User Account Attacks

    DESCRIPTION

    Monitor for attempts to authenticate against a large number of user accounts from a single source machine.

    PRODUCT: StealthDEFEND
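
The two detection approaches above can be sketched as one pass over authentication failures. This is an added example, not Stealthbits product code; the event fields, result labels, thresholds and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def ev(minute, source, account, result):
    """Build one constructed event: (timestamp, source, account, result)."""
    ts = datetime(2022, 1, 10, 9, 0) + timedelta(minutes=minute)
    return (ts, source, account, result)

# Constructed sample data. result is "ok", "bad_password" or "unknown_user".
SAMPLE_EVENTS = (
    # One source failing against many different accounts (spray pattern).
    [ev(i, "10.0.0.50", f"user{i:02d}", "bad_password") for i in range(8)]
    + [ev(8, "10.0.0.50", "jsmth", "unknown_user"),
       ev(9, "10.0.0.50", "admin1", "unknown_user"),
       ev(10, "10.0.0.50", "svc_backup", "unknown_user")]
    # A user mistyping their own password: many failures, one account.
    + [ev(i, "10.0.0.77", "alice", "bad_password") for i in range(6)]
    + [ev(7, "10.0.0.77", "alice", "ok")]
)

def detect_spraying(events, window=timedelta(minutes=30),
                    min_accounts=5, min_unknown=3):
    """Return {source: findings} for sources matching either approach.

    Thresholds are assumed values; tune them against the lockout policy.
    """
    by_source = defaultdict(list)
    for ts, source, account, result in events:
        if result != "ok":
            by_source[source].append((ts, account, result))

    findings = defaultdict(set)
    for source, failures in by_source.items():
        failures.sort()
        start = 0
        for end in range(len(failures)):
            # Advance the window start so the span never exceeds `window`.
            while failures[end][0] - failures[start][0] > window:
                start += 1
            in_window = failures[start:end + 1]
            accounts = {a for _, a, _ in in_window}
            unknown = {a for _, a, r in in_window if r == "unknown_user"}
            if len(accounts) >= min_accounts:      # Approach #2
                findings[source].add("many_accounts_single_source")
            if len(unknown) >= min_unknown:        # Approach #1
                findings[source].add("bad_user_ids")
    return dict(findings)

if __name__ == "__main__":
    print(detect_spraying(SAMPLE_EVENTS))
```

Counting distinct accounts per source, rather than raw failures, is what keeps the repeated failures for `alice` from being flagged.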

    Mitigate Password Spraying Attack

    Mitigation of password spraying is possible by enforcing strong password standards and reducing password sharing across accounts.

    APPROACH #1

    Enforce Strong Passwords

    DESCRIPTION

    The best way to mitigate Kerberoasting is to enforce long, complex and regularly changing passwords for service accounts. Also, reduce the sharing of passwords across accounts and the use of easily guessed passwords that may appear in hacker dictionaries.

    PRODUCT: StealthINTERCEPT Enterprise Password Enforcer

    APPROACH #2

    Reduce Password Sharing

    DESCRIPTION

    Identify when multiple user accounts are sharing the same password and force them to change their password.

    PRODUCT: StealthAUDIT

    © 2022 Stealthbits Technologies, Inc.