(also brute force attack)
Brute-force attack definition
In a brute-force attack, a hacker uses a rapid trial-and-error approach to guess the correct password, PIN, or encryption keys to gain access to any password-protected account, platform, or system or to decrypt password-protected data. Brute-force attacks are often automated, with specialized software trying out thousands of different password combinations per second to break through.
Brute-force attack examples
- Credential recycling attacks involve hackers using previously leaked credentials to gain access to the person’s other accounts.
- Dictionary attacks involve hackers using popular phrases or symbol combinations (like “qwerty”) to guess the user’s credentials.
Stopping a brute-force attack
- Use a strong password because reverse brute-force attacks prey on accounts with common passwords.
- Use different passwords for each account to prevent easy access to your entire digital ecosystem. Once hackers find out one of your passwords, they will try it out for every other account you have.
- Use a reliable password manager like NordPass to generate unique passwords for each of your accounts.
- Use multi-factor authentication (MFA) — this way, even if hackers manage to guess your password, they won’t automatically be able to break into your account.