Brute Force Attack
Brute Force Attacks: Understanding the Basics and Prevention
What is a brute force attack?
In a brute force attack, the attacker attempts to crack a password or username using an “exhaustive search” or trial-and-error approach. In cryptography, a brute force attack consists of the attacker submitting many passwords or passphrases, systematically checking all possibilities until the correct one is found. Brute force attacks are usually aimed at obtaining personal information such as passwords, passphrases, usernames and Personal Identification Numbers (PINs).
How to prevent a brute force attack
The longer the password, the more combinations need to be tested. If methods such as data obfuscation are used, a brute force attack can be difficult or even impossible to perform. However, if the password is weak, finding it could take seconds with hardly any effort on the attacker’s part. This is why all organizations and users should adopt a strong password policy across all applications and systems.
Brute force attacks include:
- Simple Brute Force Attack
- Dictionary Attack
- Hybrid of Simple and Dictionary Brute Force Attacks
- Reverse Brute Force Attack
- Credential Stuffing
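
A password-policy check that ties password length to the number of combinations and rejects passwords a dictionary or hybrid attack would cover first. This is an added example, not code from the original page; the wordlist, the guessing rate, the 12-character minimum and all function names are assumptions chosen for illustration.

```python
import math
import string

# Constructed sample wordlist; a real policy would load a large breached-password list.
COMMON_WORDS = {"password", "welcome", "dragon", "summer", "letmein"}
GUESSES_PER_SECOND = 1e10  # assumed attacker guessing rate, for illustration only
LEET = str.maketrans("013457@$", "oieastas")  # common character substitutions
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def keyspace_bits(password):
    """log2 of the combinations an exhaustive search must cover for this
    length, given the character classes the password actually uses."""
    pool = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    return len(password) * math.log2(pool) if pool else 0.0


def dictionary_base(password):
    """Return the wordlist entry the password reduces to, else None. Undoes
    typical hybrid mangling: case, leet swaps, digit/symbol prefix or suffix."""
    lowered = password.lower()
    stripped = lowered.strip(string.digits + string.punctuation)
    for cand in (lowered, stripped, lowered.translate(LEET), stripped.translate(LEET)):
        if cand in COMMON_WORDS:
            return cand
    return None


def assess(password, min_length=12):
    """Apply the policy: reject dictionary-derived and short passwords."""
    bits = keyspace_bits(password)
    base = dictionary_base(password)
    if base is not None:
        reason = f"derived from dictionary word '{base}'"
    elif len(password) < min_length:
        reason = f"shorter than {min_length} characters"
    else:
        reason = None
    return {"accepted": reason is None, "reason": reason, "bits": round(bits, 1),
            "dictionary_base": base,
            "seconds_to_exhaust": 2 ** bits / GUESSES_PER_SECOND}


if __name__ == "__main__":
    for pw in ("abcdefgh", "Summer1", "P@ssw0rd2024!", "tq9#Lm2vX!rp8Zw"):
        print(pw, assess(pw))
```

The time estimate only applies to passwords that are not dictionary-derived; a password that reduces to a wordlist entry is rejected regardless of its nominal search space.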