Brute Force Attack

A brute force attack is a trial-and-error method of guessing passwords or encryption keys by systematically trying every possible combination until the correct one is found. Simple brute force tries every combination sequentially, while more sophisticated variants use dictionaries of common passwords, known patterns, or previously leaked passwords to speed up the process.

Defenses against brute force include account lockout policies (locking accounts after a number of failed attempts), multi-factor authentication, strong password requirements, and rate limiting on login attempts.
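As an added illustration of the lockout and throttling defenses just described (example code written for this page, not from any particular product), the snippet below implements a sliding-window lockout policy and runs it over a constructed sequence of login attempts; the threshold, window and lockout durations are hypothetical values, not figures from the page.

```python
from collections import defaultdict

# Constructed sample of authentication events (not from the original page):
# (timestamp in seconds, account name, whether the password was correct).
SAMPLE_EVENTS = [
    (0, "alice", False), (5, "alice", False), (9, "alice", False),
    (14, "alice", False), (20, "alice", False),  # 5th failure inside the window
    (25, "alice", True),                         # correct password, but account is locked
    (30, "bob", False), (400, "bob", False),     # failures spread out, stays under threshold
    (410, "bob", True),
]

class LockoutPolicy:
    """Sliding-window lockout: lock an account after `threshold` failures within
    `window` seconds, for `lockout` seconds. Parameter values are hypothetical."""
    def __init__(self, threshold=5, window=300, lockout=900):
        self.threshold, self.window, self.lockout = threshold, window, lockout
        self.failures = defaultdict(list)  # account -> timestamps of recent failures
        self.locked_until = {}             # account -> time at which the lock expires

    def check(self, ts, account, success):
        """Return 'locked', 'allowed' or 'denied' for this attempt and update state."""
        if self.locked_until.get(account, -1) > ts:
            return "locked"  # reject even a correct password while the lock is active
        if success:
            self.failures[account].clear()
            return "allowed"
        # Keep only failures that fall inside the sliding window, then add this one.
        recent = [t for t in self.failures[account] if ts - t < self.window]
        recent.append(ts)
        self.failures[account] = recent
        if len(recent) >= self.threshold:
            self.locked_until[account] = ts + self.lockout
            self.failures[account].clear()
            return "locked"
        return "denied"

def run_policy(events=SAMPLE_EVENTS, **policy_args):
    """Apply the policy to each event in order; returns (account, decision) pairs."""
    policy = LockoutPolicy(**policy_args)
    return [(acct, policy.check(ts, acct, ok)) for ts, acct, ok in events]

if __name__ == "__main__":
    for account, decision in run_policy():
        print(account, decision)
```

The point the trace makes is that once the threshold is hit, a correct guess is rejected until the lock expires, which is what removes the attacker's ability to simply keep trying; a looser threshold (for example `run_policy(threshold=10)`) lets the same correct attempt through.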

Why It Matters

CMMC requires mechanisms to limit repeated failed login attempts — directly defending against brute force attacks. Implementing account lockout or throttling policies, combined with MFA, makes brute force attacks impractical against your systems.