
How Cyber-Aware Companies can Thwart Password Sprayers

May 3, 2021

A company’s top priority should be ensuring that employees know how to create complex, unique passwords for all of their accounts. Easy-to-guess passwords render the organization vulnerable to attackers who can employ simple hacking techniques to break in.
One such technique is password spraying, in which attackers try a single password across a wide range of accounts before moving on to the next password. A password spraying attack needs to find only a single weak link within your organization, which the attacker can then use to gain access to your entire network and cause a serious breach.
In a recent piece for Security Magazine, NINJIO's COO/CISO pointed out the dangers of poor password security habits, highlighted by several key statistics:
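Defenders can look for this pattern in authentication logs: one source failing against many different accounts with only a try or two on each, which per-account lockout counters do not catch. The following is an added example, not code from the original article; the log layout, thresholds and function names are assumptions, and the sample log lines are constructed.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample log; the "time outcome account source" layout is an assumption.
SAMPLE_LOG = """\
2021-05-03T09:00:01 FAIL alice 203.0.113.7
2021-05-03T09:00:03 FAIL bob 203.0.113.7
2021-05-03T09:00:05 FAIL carol 203.0.113.7
2021-05-03T09:00:07 FAIL dave 203.0.113.7
2021-05-03T09:00:09 OK erin 203.0.113.7
2021-05-03T09:01:00 FAIL frank 198.51.100.20
2021-05-03T09:01:05 FAIL frank 198.51.100.20
2021-05-03T09:01:10 FAIL frank 198.51.100.20
"""

def parse(log):
    """Yield (time, outcome, account, source); malformed lines are skipped."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4:
            yield datetime.fromisoformat(parts[0]), parts[1], parts[2], parts[3]

def find_spraying(log, min_accounts=4, max_per_account=2,
                  window=timedelta(minutes=10)):
    """Flag sources whose failures hit many accounts, few tries each, in one window."""
    fails, oks = defaultdict(list), defaultdict(list)
    for ts, outcome, account, source in parse(log):
        (fails if outcome == "FAIL" else oks)[source].append((ts, account))
    findings = {}
    for source, events in fails.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # slide the window forward
            tries = Counter(acct for _, acct in events[start:end + 1])
            if len(tries) >= min_accounts and max(tries.values()) <= max_per_account:
                first = events[start][0]
                findings[source] = {
                    "targets": sorted(tries),
                    # A success from the same source after the spray began
                    # is the account to reset and investigate first.
                    "succeeded": sorted({a for t, a in oks[source] if t >= first}),
                }
                break
    return findings

if __name__ == "__main__":
    print(find_spraying(SAMPLE_LOG))
```

The repeated failures against the single account `frank` are not flagged here, because that is the shape of ordinary brute forcing or a forgotten password, which account lockout already handles.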

    More than 50 percent of employees admit to using the same password for multiple accounts. 13 percent use the same password for every account. 

    In 2020, more than 8 million accounts used one of the following passwords in 2019: “12345,” “123456,” “123456789,” “test1,” and “password.” 

    Less than 25 percent of employees use a password manager.

    In 2020, 66 percent of employees hadn’t been provided with new password management guidelines, while 35 percent were reusing passwords for their business accounts.

The solution here is quite obvious, though the data above show many organizations are still lacking a fundamental understanding of the importance of password security. Matt argues that “To effectively guard against password spraying attacks, companies have to recognize that every employee has a role to play. It’s especially important to reiterate this point at a time when millions of employees are working from home and messaging on cybersecurity has been reduced or disjointed.”
Read the full article here to get more tips for thwarting password sprayers.
