A security analyst is reviewing authentication logs and notices a high volume of failed login attempts from a single IP address. The attempts target many different user accounts, but all use a small set of common passwords like 'Password123' and 'Winter2025'. This 'low-and-slow' method appears designed to avoid individual account lockouts. Which type of password attack does this activity indicate?
Password spraying is a type of brute-force attack where an attacker attempts to access a large number of accounts with a few commonly used passwords. Unlike a traditional brute-force attack that targets a single account with many passwords, spraying targets many accounts with few passwords to prevent triggering account lockout policies. A dictionary attack is different as it typically uses a large list of passwords against a single account. A rainbow table attack is used to crack password hashes that have already been stolen, not for online authentication attempts. 'Plaintext/Unencrypted' refers to the insecure state of a password, not an attack method.