Brute Force Attack
A password attack method where the attacker attempts to guess the password through trial and error with every combination of every imputable character.
There are several types of brute force attacks.
Attack Methods
| Method | Description |
|---|---|
| Online | The attacker has to submit the passwords using the same UI interface while the target is up. Can be defended against using lock-out policies. |
| Offline | The attacker tries to steal the password file. If they get it, they can run unlimited login attempts. |
| Password Spraying | The inverse of what's expected. Instead of one user account, multiple passwords, it's multiple user accounts, one (common) password. |
| Dictionary Attack | The attacker uses a list of common words or phrases to guess the password. Can be defended against using longer, more complicated passwords. |
No comments to display
No comments to display