How to protect your ADFS from password spraying attacks

A password spraying attack is a specialized password attack, commonly used by attackers, that is reasonably effective and helps avoid detection by traditional password defenses.
Password spraying is all about playing the odds: attackers know that if they spray common passwords across thousands of accounts, they will most likely have a few successes against users who have easy-to-guess passwords, such as those recently found in the 2022 Weak Password Report from Specops.
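The pattern described above is why per-account failure counting misses a spray while counting distinct accounts per source catches it. The following is an added example, not code from the original article or from Microsoft or Specops; the event tuples, thresholds and function names are constructed assumptions rather than a real ADFS log format.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def build_sample_events():
    """Constructed sample data: (timestamp, source_ip, username, success)."""
    t0 = datetime(2022, 4, 1, 9, 0, 0)
    events = []
    # One source makes a single failed guess against 30 different accounts.
    for i in range(30):
        events.append((t0 + timedelta(seconds=10 * i), "203.0.113.7", f"user{i:02d}", False))
    # A legitimate user mistypes a password four times, then signs in.
    for i in range(4):
        events.append((t0 + timedelta(seconds=20 * i), "198.51.100.20", "alice", False))
    events.append((t0 + timedelta(seconds=100), "198.51.100.20", "alice", True))
    return events

def per_account_lockouts(events, threshold=5):
    """Traditional defence: accounts whose own failure count reaches the threshold."""
    fails = defaultdict(int)
    for _, _, user, ok in events:
        if not ok:
            fails[user] += 1
    return {user for user, count in fails.items() if count >= threshold}

def spray_sources(events, window=timedelta(minutes=10), min_accounts=20):
    """Sources whose failures hit many distinct accounts inside a sliding window."""
    by_src = defaultdict(list)
    for ts, src, user, ok in sorted(events):
        if not ok:
            by_src[src].append((ts, user))
    flagged = {}
    for src, fails in by_src.items():
        start = 0
        for end in range(len(fails)):
            # Shrink the window until it spans at most `window` of time.
            while fails[end][0] - fails[start][0] > window:
                start += 1
            distinct = len({user for _, user in fails[start:end + 1]})
            if distinct >= min_accounts:
                flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged

if __name__ == "__main__":
    sample = build_sample_events()
    print("locked accounts:", per_account_lockouts(sample))
    print("spray sources:", spray_sources(sample))
```

The window and account threshold need tuning against normal traffic from shared egress addresses such as NAT gateways.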
So how can organizations protect their ADFS environment from password attacks, including password spraying and other threats that attempt to steal and compromise credentials?
Microsoft recommends a multi-tiered approach for securing your ADFS environment from password spraying and other types of password attacks.
One of the significant weak points in traditional enterprise datacenter password security is the outdated password policies in Active Directory Domain Services, which allow easy-to-crack passwords to run rampant throughout an organization.
The ADDS password policy is not designed for the modern password challenges facing organizations today, including password spraying attacks and dangerous end-user behaviors such as incrementing passwords.