What is Password Spraying? | Abbotsford Tech Support
Password Security is getting trickier as Hackers get smarter. But Luckily, we know some of their favourite methods! Hackers love bad habits. And it is bad password habits that have led to a rise in a particular kind of attack – Password Spraying.
Password spraying is a type of brute-force attack.
In traditional brute-force attacks, a hacker usually tries to gain access to 1 single account by using a large number of passwords. Some are even smart enough to trawl through users’ social media accounts to gain snippets of personal info to use. (Things like family names or pet names, that people love to use in their passwords!) However, many companies have now grown wise to these attacks. So, many organizations lock an account after a certain number of failed login attempts. (Usually 3 to 5 attempts).
For a password spray attack, the cybercriminal uses 1 of 2 tactics to break through your Password Security.
The first is known as “low and slow”. Here, they start by getting a list of account usernames to attack. This is easier to do than you would think. After all, most organizations have a very structured way of doing company emails. Something like email@example.com. Then, all they need is a list of employee names, and now they have a potential list of login usernames!
Next, they “spray” those usernames with a single common password, like “password” or “123456”. (Something from these lists published every year!) Occasionally, they get even sneakier with their guesses and include local references. (For example, throwing in the word “canucks” for a Vancouver-based company!)
They keep doing this until they get a match.
They particularly like to target companies or systems where a central administrator or app sets a default password for new users. In these situations, the new users are then supposed to change that password during their first login. Sometimes, though, they don’t. And it only takes 1 forgetful person to risk a company’s password security!
The second type of spray attack is “availability and reuse”. This uses compromised login details that have been released and/or sold on the dark web. Attackers use this to gain entry by relying on the common habit of people to use the same passwords across multiple sites.
So, what can you do to protect your Password Security?
There are a few ways you can avoid becoming a victim:
- Use Two or Multi-Factor Authentication ( 2FA or MFA), so passwords are only part of the login process.
- Train on (and enforce the use of) strong passwords.
- Do not use default passwords for first-time users, or force password changes on the first login.
- Make sure that your system administrators have clear procedures in place for when users have been locked out and need a password reset.
If you are a Fraser Valley business owner and need more with Password Security, contact us!