Password Spraying

Password spraying is an attack technique in which an adversary attempts to compromise user accounts by attempting to authenticate with a curated list of passwords that are either frequently used or likely to be used by their target. Password spraying can be conducted by an external adversary against any internet-facing system or SaaS application, or by an adversary that has gained a foothold within the network and is seeking to widen their access. Frequent targets for password spraying include VPN