Netwrix and Stealthbits merge to better secure sensitive data. LEARN MORE

Password Spraying

How to detect and mitigate Password Spraying

Password Spraying is a technique that attackers leverage to guess the password of an account. By trying a small number of highly common passwords against large numbers of accounts while also staying below an organization’s defined lockout threshold, the attacker can compromise accounts without any elevated privileges and likely without detection.

    Request A Free Trial

    Thank You For Your Request

    A Stealthbits representative will contact you shortly.

    If you have any questions, you can contact our sales department by sending an inquiry to sales@stealthbits.com.


    Stealthbits’ Password Spraying Solution

    Stealthbits’ products provide a multitude of ways to detect and mitigate Password Spraying.

    Detect Password Spraying Attack

    Detection of Password Spraying is possible by looking for patterns that indicate password guessing is taking place across numerous accounts.

    APPROACH #1

    Bad User ID Attacks

    DESCRIPTION

    Monitor for attempts to authenticate using non-existent user accounts. Many times, password spraying tools will attempt to guess account names rather than attacking a list of known accounts.

    PRODUCT: StealthDEFEND

    APPROACH #2

    User Account Attacks

    DESCRIPTION

    Monitor for attempts to authenticate against a large number of user accounts from a single source machine.

    PRODUCT: StealthDEFEND

    DOWNLOAD OUR COMPLETE ATTACK-TO-PRODUCT MAPPING GUIDE

    Mitigate Password Spraying Attack

    Mitigation of password spraying is possible by enforcing strong password standards and reducing password sharing across accounts.

    APPROACH #1

    Enforce Strong Passwords

    DESCRIPTION

    The best way to mitigate Kerberoasting is to enforce long, complex and regularly changing passwords for service accounts. Also, reduce sharing of passwords across accounts and using easily guessed passwords that may appear in hacker dictionaries.

    PRODUCT: StealthINTERCEPT Enterprise Password Enforcer

    APPROACH #2

    Reduce Password Sharing

    DESCRIPTION

    Identify when multiple user accounts are sharing the same password and force them to change their password.

    PRODUCT: StealthAUDIT

    Seeing is believing.

    © 2021 Stealthbits Technologies, Inc.