Brute Force Attack
Brute Force Attacks: Understanding the Basics and Prevention
What is a brute force attack?
With a brute force attack, the attacker attempts to crack a password or username using an “exhaustive search” or trial-and-error approach. In cryptography, a brute force attack consists of the attacker submitting many passwords or passphrases, systematically checking all possibilities until the correct one is found. Brute force attacks are usually aimed at obtaining personal information such as passwords, passphrases, usernames and Personal Identification Numbers (PINs).
How to prevent a brute force attack
The longer the password, the more combinations will need to be tested. If methods such as data obfuscation are used, the brute force attack can be difficult or even impossible to perform. However, if the password is weak, finding it could take seconds with hardly any effort on the attacker’s part. This is why all organizations and users should adopt a strong password policy across all applications and systems.
Brute force attacks include:
- Simple Brute Force Attack
- Dictionary Attack
- Hybrid of Simple and Dictionary Brute Force Attacks
- Reverse Brute Force Attack
- Credential Stuffing
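The strong password policy recommended above can be enforced when a password is set. The following is an added example, not code from the original page: a Python check that flags passwords exposed to the first three attack types in the list (simple, dictionary and hybrid). The word list, the 12-character minimum and all function names are assumptions made for illustration.

```python
import math
import re

# Constructed sample blocklist; a real deployment would load a large list of
# common and previously breached passwords.
COMMON_WORDS = {"password", "welcome", "dragon", "letmein", "qwerty"}
MIN_LENGTH = 12  # assumed policy value, not taken from the page

# Character substitutions commonly applied to dictionary words.
LEET = str.maketrans("0134578@$!", "oieastbasi")


def keyspace_bits(password):
    """Upper bound on simple brute force cost: log2(alphabet ** length)."""
    alphabet = 0
    if re.search(r"[a-z]", password):
        alphabet += 26
    if re.search(r"[A-Z]", password):
        alphabet += 26
    if re.search(r"[0-9]", password):
        alphabet += 10
    if re.search(r"[^a-zA-Z0-9]", password):
        alphabet += 33  # printable ASCII symbols, including space
    return len(password) * math.log2(alphabet) if alphabet else 0.0


def base_word(password):
    """Undo cheap hybrid mutations: case, affixed digits/symbols, substitutions."""
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", password.lower())
    return core.translate(LEET)


def check_password(password):
    """Return the list of policy findings; an empty list means accepted."""
    findings = []
    if len(password) < MIN_LENGTH:
        findings.append("too_short")       # small search space
    base = base_word(password)
    if base in COMMON_WORDS:
        # Exact word: dictionary attack. Mutated word: hybrid attack.
        findings.append("dictionary" if password.lower() == base else "hybrid")
    return findings


if __name__ == "__main__":
    for candidate in ("password", "P@ssw0rd2024!", "correct horse battery staple"):
        print(candidate, round(keyspace_bits(candidate), 1), check_password(candidate))
```

Note that `P@ssw0rd2024!` passes the length rule and has a large nominal keyspace, yet is still rejected because it reduces to a dictionary word.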