What is a Password Spray attack?Ī password spray attack is a type of brute force attack in which the attacker tries a large number of usernames with a list of common passwords against a target system to see if any will work.
If basic auth hasn’t yet been turned off for your tenant, or if you’ve asked for more time, you should read this. The evidence I see every day clearly indicates that password spray attacks are becoming more frequent.
The only reason we’re turning off basic auth in Exchange Online is to protect your users and data.
We have recently seen several indicators that show that many of our customers are being targeted by password spray attacks that leverage basic authentication.
0 kommentar(er)
