Brute-force attack

What is a brute-force attack?

A brute-force attack is a method in which an attacker attempts to guess a password, encryption key or other form of access control by trying every possible combination. This method does not require any specific vulnerabilities in the system. Instead, it relies on the attacker systematically trying every possible combination of characters until the correct value is found. The duration of a brute-force attack depends heavily on the length and complexity of the password, as well as the attacker’s computing power.

Types of brute-force attacks

There are various types of brute-force attacks:

  • Simple brute-force attack: All possible character combinations are tested without following a specific strategy. Depending on the password’s length and complexity, this can take a very long time.
  • Dictionary attack: The attacker uses a list of commonly used passwords (e.g. ‘123456’, ‘password’) and tests these against the target.
  • Hybrid brute-force attack: A combination of a dictionary and brute-force attack. Common passwords are combined with numbers or special characters to test variations.
  • Reverse brute-force attack: Instead of guessing a password, a common password is tested against many usernames to find out which user is using it.
  • Credential stuffing: The use of stolen login credentials (username + password) from data breaches to log in to other systems or websites.
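
On the defender's side, these types leave different traces in failed-login records. The following added example (not part of the original page) groups failures by source IP and labels each source by how many accounts it touched; the thresholds, labels and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)   # assumed observation window
MIN_FAILS = 6                    # assumed alert threshold per source IP

def sample_events():
    """Constructed failed-login events: (timestamp, source IP, username)."""
    t0 = datetime(2024, 5, 1, 10, 0, 0)
    ev = [(t0 + timedelta(seconds=2 * i), "203.0.113.5", "alice") for i in range(8)]
    ev += [(t0 + timedelta(seconds=30 * i), "198.51.100.20", f"user{i}") for i in range(8)]
    ev += [(t0 + timedelta(seconds=60 + i), "192.0.2.44", "carol") for i in range(2)]
    return ev

def classify(events):
    """Return {ip: label} for sources with >= MIN_FAILS failures inside WINDOW."""
    by_ip = defaultdict(list)
    for ts, ip, user in sorted(events):
        by_ip[ip].append((ts, user))
    alerts = {}
    for ip, fails in by_ip.items():
        start = 0
        for end in range(len(fails)):
            # Slide the window start forward until it spans at most WINDOW.
            while fails[end][0] - fails[start][0] > WINDOW:
                start += 1
            window = fails[start:end + 1]
            if len(window) < MIN_FAILS:
                continue
            users = {u for _, u in window}
            if len(users) == 1:
                # Simple, dictionary or hybrid guessing against one account.
                alerts[ip] = "single-account"
            elif len(window) / len(users) <= 2:
                # Reverse brute-force or credential stuffing: few tries per account.
                alerts[ip] = "many-accounts"
            else:
                alerts[ip] = "mixed"
            break
    return alerts

if __name__ == "__main__":
    for ip, label in classify(sample_events()).items():
        print(ip, label)
```

Failure logs do not contain the passwords tried, so reverse brute-force and credential stuffing look the same here. Attempts spread across many source IPs need the same grouping done per username instead.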
     

Protection against brute-force attacks

There are simple and complex measures to protect against brute-force attacks:

  • Strong passwords: Use complex, long passwords that contain a mix of upper- and lower-case letters, numbers and special characters. A minimum of 12 characters is recommended.
  • Multi-factor authentication (MFA): In addition to the password, a second level of security is introduced, e.g. a one-time code from an app or via text message.
  • Account lockout after multiple failed attempts: Locking accounts or delaying further attempts after a set number of failed logins.
  • Captcha: Captchas (e.g. ‘I am not a robot’) prevent unwanted attacks by blocking access after a certain number of failed attempts.
  • Password manager: A password manager creates and stores complex and unique passwords for each account without the user having to remember them.
  • Encryption and salting: Storing passwords in an encrypted form, with ‘salt’ (random data) added to make it more difficult to access passwords in the event of a potential data breach.
  • IP address blocking: IP addresses that make multiple failed login attempts within a short period of time are blocked to prevent brute-force attacks.
  • Hashing algorithms: Use computationally intensive, secure hashing algorithms (e.g. bcrypt or Argon2) to store passwords securely, making brute-force attacks take much longer.
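
Several of these measures can be combined in one login path. The following added example (not part of the original page) stores passwords as salted scrypt hashes and applies a temporary lock per account and per IP address after repeated failures; scrypt from the Python standard library stands in for bcrypt or Argon2, and the class name, policy values and return strings are assumptions.

```python
import hashlib, hmac, os, time
from collections import defaultdict, deque

MAX_FAILS, WINDOW, LOCK_SECONDS = 5, 300, 900   # assumed policy values

def hash_password(password, salt=None):
    """Salted, deliberately slow hash (scrypt); returns (salt, digest)."""
    salt = salt or os.urandom(16)            # unique random salt per password
    return salt, hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1)

def verify_password(password, salt, digest):
    # Recompute with the stored salt and compare in constant time.
    return hmac.compare_digest(hash_password(password, salt)[1], digest)

class LoginGuard:
    def __init__(self):
        self.users = {}                      # username -> (salt, digest)
        self.fails = defaultdict(deque)      # ("user"|"ip", value) -> failure times
        self.locked_until = {}               # same keys -> unlock timestamp
        self._dummy = hash_password(os.urandom(16).hex())  # for unknown users

    def register(self, username, password):
        self.users[username] = hash_password(password)

    def _record_failure(self, key, now):
        times = self.fails[key]
        times.append(now)
        while times[0] <= now - WINDOW:      # drop failures outside the window
            times.popleft()
        if len(times) >= MAX_FAILS:          # threshold reached: temporary lock
            self.locked_until[key] = now + LOCK_SECONDS
            times.clear()

    def login(self, username, password, ip, now=None):
        now = time.time() if now is None else now
        keys = [("user", username), ("ip", ip)]
        if any(self.locked_until.get(k, 0) > now for k in keys):
            return "blocked"                 # refuse before any hashing work
        salt, digest = self.users.get(username, self._dummy)
        # Always run the hash so unknown usernames cost the same time.
        if verify_password(password, salt, digest) and username in self.users:
            self.fails.pop(("user", username), None)
            return "ok"
        for k in keys:
            self._record_failure(k, now)
        return "denied"
```

Because a per-username lock lets anyone lock a known account, the lock here expires on its own after LOCK_SECONDS.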

 

Conclusion

Brute-force attacks are a simple yet effective method for hackers to gain access to systems. However, they can be thwarted with a variety of protective measures. The use of strong passwords, multi-factor authentication and additional security features such as Captchas and account locks are essential steps to enhance security and prevent brute-force attacks.

 

 
