Password Spraying
Password spraying is a cyberattack where the hacker tries to crack passwords to gain access to systems by testing out a small number of commonly used passwords on a large number of accounts (usernames). Unlike traditional brute force attacks which attempt to gain access to a single account by guessing multiple passwords, password spraying attempts to access a large number of accounts with a few commonly used passwords.
This is based on the assumption that within a large group of people, there’s likely to be at least one using a common password. Although it is a slower approach (as opposed to “blasting” the same account with multiple passwords concurrently), password spraying allows hackers to attempt to gain access to multiple accounts without getting locked out, which would alert the target to what’s happening or in some cases cause the account to be locked.