Brute Force Attack

Brute Force Attacks: Understanding the Basics and Prevention


What is a brute force attack?

In a brute force attack, the attacker attempts to crack a password or username using an “exhaustive search”, or trial-and-error, approach. In cryptography, a brute force attack consists of the attacker submitting many passwords or passphrases, systematically checking all possibilities until the correct one is found. Brute force attacks are usually aimed at obtaining personal information such as passwords, passphrases, usernames and Personal Identification Numbers (PINs).

How to prevent a brute force attack

The longer the password, the more combinations need to be tested. If methods such as data obfuscation are used, a brute force attack can be difficult or even impossible to perform. However, if the password is weak, finding it could take seconds with hardly any effort on the attacker’s part. This is why all organizations and users should adopt a strong password policy across all applications and systems.
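The relationship between password length, search space and policy described above can be made concrete with a small policy check. This is an added example, not code from the original page. The common-password list is constructed, and the guess rate and the `min_length` / `min_bits` thresholds are assumptions.

```python
import math
import string

# Constructed sample list; a real policy would load a large breached-password list.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome1"}

# Character classes an exhaustive search must cover if the password uses them.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def alphabet_size(password):
    """Size of the smallest standard alphabet containing every character."""
    size = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    # Characters outside the four ASCII classes (spaces, non-ASCII) each
    # enlarge the alphabet by at least themselves.
    extra = {ch for ch in password if not any(ch in c for c in CLASSES)}
    return size + len(extra)

def search_space(password):
    """Candidates of exactly this length over that alphabet. This is an upper
    bound: a dictionary attack on word-based passwords needs far fewer guesses."""
    return alphabet_size(password) ** len(password)

def worst_case_seconds(password, guesses_per_second):
    """Time to exhaust the space at an assumed attacker guess rate."""
    return search_space(password) / guesses_per_second

def policy_violations(password, min_length=12, min_bits=60):
    """Reasons a password fails the (assumed) policy; empty list if it passes."""
    problems = []
    if password.lower() in COMMON_PASSWORDS:
        problems.append("common password (falls to a dictionary attack)")
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    bits = math.log2(search_space(password)) if password else 0.0
    if bits < min_bits:
        problems.append(f"search space only {bits:.1f} bits, need {min_bits}")
    return problems

if __name__ == "__main__":
    RATE = 1e10  # assumed guesses per second against a fast offline hash
    for pw in ("welcome1", "kT9#vq", "correct horse battery staple"):
        print(f"{pw!r}: {worst_case_seconds(pw, RATE):.3g} s worst case,",
              policy_violations(pw) or "ok")
```

At the assumed rate, the eight-character lowercase-and-digit password is exhausted in minutes, while adding length moves the worst case far beyond practical reach.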

Brute force attacks include:

  • Simple Brute Force Attack
  • Dictionary Attack
  • Hybrid of Simple and Dictionary Brute Force Attacks
  • Reverse Brute Force Attack
  • Credential Stuffing
