One of the largest threats to organizations today, especially those with externally facing systems or cloud providers are authentication attacks at the user level. One of these attacks is called “password spraying”. It involves the gathering of common passwords such as “Welcome2018” or “Winter2019” and trying these passwords against each known username in the domain. By using this method an attacker can try these username/password combinations on all the users of a network or on a cloud service like Office 365. Traditional safeguards, such as lockout policies, only protect from numerous password attempts on a single account, this attack focuses on doing the opposite, it tries the same password on numerous accounts, because each account only registers one failed login there is no effective way to block this activity.