Microsoft talks password sprays, attack vectors, and how you can stay protected online

Want to learn what a “correct battery horse staple” is?

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

What you need to know

Cybercrime is everywhere online, and having even a single account with a username and password means you’re a hypothetical victim in the making. No password is invulnerable, after all. That’s why Microsoft has taken the time to whip up a blog post on the topic of password sprays, how they affect you, and what you can do to prevent yourself from getting got.

The long and short of a password spray is this: It’s when a threat actor gathers a list of usernames and common passwords and tries them against each other in hopes of stumbling upon correct combos. Microsoft outlines two different kinds of password sprays in itssecurity blog post:

Microsoft DART has seen a rise in password spray attacks within certain groups and has guidance on how people can effectively combat them without needing to know what “correct battery horse staple” is (spoiler: It’s a password selection methodology centered around utilizing strange phrases). Two big items on Microsoft’s guidance list are MFA (multifactor authentication) as well asdropping traditional passwords altogether. You can check out the company’s blog post for further advice and details.

Get the Windows Central Newsletter

All the latest news, reviews, and guides for Windows and Xbox diehards.

Robert Carnevale is the News Editor for Windows Central. He’s a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author ofCold War 2395. Have a useful tip? Send it to robert.carnevale@futurenet.com.