Password Spraying

What is password spraying?

Password spraying is a technique used by malicious actors to compromise user accounts. 

When did it become a common technique?

In early 2019, 773 million passwords were exposed in a massive data breach titled “Collection 1”. This password collection originated from over 2,000 leaked databases containing compromised passwords. By trying all these passwords (spraying), malicious actors find out who uses the same passwords, or weak passwords, on multiple accounts.

Could I be impacted?

According to a release from Zoom, 530,000 Zoom accounts were compromised last month using password spraying. Just after Disney Plus went live, thousands of accounts were also compromised using password spraying. OIT has seen many instances of attempted password spraying at UA. Duo is our best defense against this technique. Different attempts come in the form of extortion emails that contain users’ actual passwords in the subject or text of the message, along with different types of threats to try to scare the user into giving up money.

How can I protect my accounts?

It’s important to emphasize that passwords should not be reused, especially when accessing sensitive or restricted information like PHI. If users have a password that they haven’t changed in a year or two, OIT Security strongly recommends changing it to a stronger password and using two-factor authentication whenever it is offered, to dramatically reduce the risk. Also, create and store passwords in LastPass. UA students, faculty and staff have access to LastPass, a tool that not only encourages strong passwords but also stores passwords in a secure environment. Get started with LastPass today!