Brute Force Attack

A brute force attack (also known as brute force cracking) is an attempt to crack a password or username, find a hidden web page, or find the key used to encrypt a message by trial and error, in the hope of eventually guessing correctly. This attack method has been around for a long time and is still popular because of its effectiveness.

The most basic brute force attack is the dictionary attack, in which the attacker works through a dictionary of possible passwords and tries them all. This type of cyber attack starts from some assumptions about common keywords and guesses from the list in the dictionary.

Computers manufactured in the last couple of years can crack an 8-character alphanumeric password in about two hours using a brute force attack called an exhaustive key search. The computer tries every possible combination of every possible character until it finds the right one. This happens so fast that they can decrypt a weak encryption hash in mere months.

Another type of brute force attack is credential recycling, in which the hacker reuses usernames and passwords from other data breaches to try to break into other systems.

Reverse Brute Force Attacks use a common password like “123456” and try to brute force a username to go with the password.
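
From the defender's side, the attack types above leave different patterns in failed-login records: many failures against one account, or a few failures spread over many accounts. The sketch below is an added example, not part of the original page; the event format, thresholds, sample data and function names are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

BASE = datetime(2024, 1, 1, 9, 0, 0)  # arbitrary start time for the constructed sample

def event(sec, src, user, ok=False):
    """Build one login event: (timestamp, source IP, username, succeeded)."""
    return (BASE + timedelta(seconds=sec), src, user, ok)

# Constructed sample data (documentation IP ranges), not real logs.
SAMPLE_EVENTS = (
    # Dictionary / exhaustive guessing: one source, one account, many failures.
    [event(i, "198.51.100.7", "alice") for i in range(12)]
    # Reverse brute force or credential recycling: one failure each, many accounts.
    + [event(i * 5, "203.0.113.9", f"user{i}") for i in range(10)]
    # Ordinary user: one typo, then a successful login.
    + [event(30, "192.0.2.4", "bob"), event(40, "192.0.2.4", "bob", ok=True)]
)

ONE_ACCOUNT = "many guesses at one account"
MANY_ACCOUNTS = "few guesses at many accounts"

def classify_sources(events, window=timedelta(minutes=5), guess_limit=10, user_limit=8):
    """Map each suspicious source IP to the failure pattern it shows.

    guess_limit: failures against a single account within the window.
    user_limit:  distinct accounts with failures within the window.
    Both thresholds are illustrative assumptions and need tuning per system.
    """
    recent = defaultdict(deque)  # source -> (timestamp, user) failures in window
    findings = {}
    for ts, src, user, ok in sorted(events):
        if ok:
            continue
        failures = recent[src]
        failures.append((ts, user))
        while ts - failures[0][0] > window:  # drop failures older than the window
            failures.popleft()
        per_user = Counter(u for _, u in failures)
        if per_user[user] >= guess_limit:
            findings[src] = ONE_ACCOUNT
        elif len(per_user) >= user_limit:
            findings.setdefault(src, MANY_ACCOUNTS)
    return findings

if __name__ == "__main__":
    for src, label in classify_sources(SAMPLE_EVENTS).items():
        print(src, "->", label)
```

Login records normally do not contain the attempted password, so reverse brute force and credential recycling look alike here and share one label.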

If you want to learn more about how to create a strong password and avoid being a victim of Brute Force attacks, read our blog about creating strong passwords.