Google has released the results of a large-scale study about password habits that shows why hackers use ‘password-spraying’ attacks on online accounts: many users stick with the same password, even when they’re warned it’s been compromised.
Password spraying has emerged as an effective technique to brute-force or guess passwords, as well as to bypass systems that lock accounts after too many wrong guesses.
The US government recently warned that Iranian hackers have been using the method to deploy destructive malware on systems, and hackers used it to gain a foothold in tech company Citrix and from there steal 6TB of information.
