What attack technique is characterized by multiple accounts using the same set of passwords?

The technique characterized by multiple accounts using the same set of passwords is password spraying. This approach involves an attacker attempting to access a large number of accounts by using a few commonly used passwords. Instead of targeting a single account with numerous passwords, password spraying spreads the attempts across many accounts. This method can often bypass account lockout mechanisms that trigger after multiple failed login attempts for a single user account, making it a more stealthy and effective attack strategy.

In contrast, credential stuffing involves using stolen credentials from one service to access another service, often leveraging the fact that many users reuse passwords across different sites. Password brute forcing, on the other hand, entails trying many combinations of passwords for a specific account until the correct one is found, which can lead to account lockouts if too many attempts are made in a row. Account lockout refers to a security measure that prevents access after a certain number of failed login attempts, rather than an attack technique itself.