A brute force attack is a trial-and-error method it is used to obtain information such as a user password or personal identification number (PIN). In a brute force attack, the automated software is used to generate many consecutive guesses as to the value of the desired data. The Brute force attacks may be used by criminals to crack the encrypted data, or by a security analysts to test an organization’s network security. The brute force attack is also known as brute force cracking or simply brute force.
A password and a cryptography attack that does not attempt to decrypt any information, but it continues to try a list of different passwords, letters, or words. A more complex brute-force attack involves for trying an every key combination until the correct password is found. Due to the number of possible combinations of numbers, letters, and symbols, a brute force attack can take a long time to complete. The higher the type of encryption used (64, 128 or 256-bits encryption), the longer it can take.
Protecting Your Data From Brute-Force Attacks
- Keep your encrypted data safe where attackers can’t get access to it. Once they have copied your data to their hardware, they can try the brute-force attacks against it at their leisure.
- If you run any service that accepts logins over the Internet, ensure that it limits the login attempts and blocks the people who attempt to log in with different passwords in a short period of time. The Server software is generally set to do this out of the box, as it’s a good security practice.
- Use the strong encryption algorithms, such as SHA-512. Ensure that you’re not using old encryption algorithms with known weaknesses that are easy to crack.
- Use the long, secure passwords. All the encryption technology in the world isn’t going to help if you’re using “password” or the ever-popular “hunter2”.