Azure AD – Get Password spray attack detection report when using Identity Protection

As you know, password attacks have been there for quite some time.

Well, if you are using Azure AD Identity Protection to help you secure your accounts, you now have the ability to have report on the specific password spray attack from the Risk Detection.

You need to use Azure AD P2 to be able to get this report; if you are using Azure AD P1, this will not be available.

To get the report, connect to you Azure AD portal ( or Azure portal ( and access the Azure Active Directory blade


Then go the Security\Risk Detections blade – hopefully you should not have to much report


Finally select Password spray as Detection type filter


Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies