Microsoft has recently announced the availability of the latest password spray detection for the Azure AD Identity Protection users. Password spraying is a prime attack type these days – the company noted that nearly one-third of the account compromises are due to such attacks.
The usual login patterns involve one or two attempts a day, and mostly they go undetected. However, such attacks yield a 1% success rate if only the targeted accounts do not use password protection solutions.
The tech giant mentioned, “Instead of trying many passwords against one user, they try to defeat lockout and detection by trying many users against one password. Effective forms of this attack are ‘low and slow,’ where the bad actor uses thousands of IP addresses.”