Articles in this section

See more

How to prevent password spraying attacks.

Proximity Login Solution
  • Updated
Follow

Prevent Password Spraying Attacks with GateKeeper.

Password spraying is type of cyberattack that takes advantage of users' common, weak, and easily-guessed passwords. Instead of traditional brute-force attacks that generally target a single account with as many possible password combinations as possible, password spraying attacks involve brute-forcing a large number of accounts using a single password that the malicious actor knows to be statistically existent.  

 

Signs of password spraying attacks

  • Large number of login attempts
  • Large number of account lockouts due to attempted logins
  • Logins reported from unusual geographical locations
  • Suspicious usernames that do not belong to existing users

Methods of password spraying prevention

  • Implement 2FA at the computer level and website level
  • Limit the number of login attempts for all accounts
  • Enforce long and difficult-to-guess passwords for all computer, web, and desktop application accounts
  • Do not use common words from the dictionary in passwords
  • Prohibit password sharing
  • Prohibit password reuse/password recycling
  • Implement a password manager to automate passwords for all employees
  • Utilize a tool to automate the changing and sharing of passwords
  • Utilize a tool to automate the locking of computers to prevent unauthorized access
  • Use a physical-based factor to login such as a hardware token to minimize the potential attack vectors by cybercriminals
  • Actively monitor the network for unusual activity
  • Set up alerts to warn admins of suspicious login events/attempts
  • Create a culture around cybersecurity awareness

How_GateKeeper_Helps_Defend_Against_Brute-Force_Attacks.png

GateKeeper™ Proximity is an ideal solution for network-wide password spraying prevention at multiple levels including physical computer access, web login, and desktop applications using proximity-based continuous 2FA. No passwords for users to type and a central Hub for admins to instantly provision and deprovision keys, users, passwords, and computer access.

 

For any additional questions or concerns regarding GateKeeper™ cyber security, proximity settings, computer locking, credential management, or compliance, please contact GateKeeper Enterprise support using the Support Ticket form on https://gkaccess.com/support/ or email support@gkaccess.com.

GateKeeper_Halberd_touch_to_unlock_Automatic_Unlock_positioning_2.jpg

-------------------------------------------------------------------------------------------------------------------------
Spray attack; cyberattacks; cybercrime prevention; cybercrime defence; 

Comments

0 comments

Please sign in to leave a comment.