Term: brute force attack

A brute force attack is, in essence, an attempt to compromise encryption (or an online account) simply by trying every possible password.

In the case of an online account, attacks typically target a specific account. That account may be an account known to exist, perhaps by virtue of something as simple as an email address having been made public. The account may also simply be an account that is likely to exist, such as accounts using common first names at major email providers.

Regardless, a brute force attack is by nature very slow, but also very persistent.

In practice, most brute force attacks against online accounts prioritize common passwords first. This gives them a surprisingly high success rate, even when log-in attempts are rate-limited.

Offline brute force attacks against encrypted data – including password databases – typically have no such time restriction. In this case, the complexity of the encryption algorithm, and the length of the passwords being used, determine how successful the attack will be and how quickly it may succeed.
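To make the effect of password length and guessing speed concrete, the following added example (not part of the original glossary entry) estimates how long an exhaustive search takes and what length is needed to outlast it. The guess rates and the 10,000-entry common-password list size are illustrative assumptions, not measurements.

```python
"""Added example: how password length and guess rate bound an exhaustive search."""

SECONDS_PER_YEAR = 365 * 24 * 3600

# Assumed guess rates in guesses per second (illustrative values only).
ASSUMED_RATES = {
    "online, rate-limited (10/min)": 10 / 60,
    "offline, deliberately slow hash": 1e4,
    "offline, fast hash": 1e10,
}


def keyspace(alphabet_size, max_length, min_length=1):
    """Count every candidate password from min_length to max_length characters."""
    return sum(alphabet_size ** n for n in range(min_length, max_length + 1))


def years_to_exhaust(alphabet_size, length, guesses_per_second):
    """Worst-case years to try every password of up to `length` characters."""
    return keyspace(alphabet_size, length) / guesses_per_second / SECONDS_PER_YEAR


def min_length_to_resist(alphabet_size, guesses_per_second, target_years, limit=64):
    """Shortest length whose full search takes at least `target_years`."""
    for length in range(1, limit + 1):
        if years_to_exhaust(alphabet_size, length, guesses_per_second) >= target_years:
            return length
    raise ValueError("no length up to the limit meets the target")


def common_list_days(list_size, guesses_per_second):
    """Days needed to try a list of common passwords at the given rate."""
    return list_size / guesses_per_second / 86400


if __name__ == "__main__":
    for label, rate in ASSUMED_RATES.items():
        lower = min_length_to_resist(26, rate, 100)   # lowercase letters only
        mixed = min_length_to_resist(94, rate, 100)   # printable ASCII
        print(f"{label}: need {lower} lowercase or {mixed} mixed characters "
              f"to hold out 100 years")
    # Why common passwords fall even under rate limiting (list size is assumed):
    days = common_list_days(10_000, ASSUMED_RATES["online, rate-limited (10/min)"])
    print(f"10,000 common passwords at 10 tries/minute: {days:.2f} days")
```

The same rate limit that makes a full search impractical barely slows a pass through a common-password list, which is why a long password that is also not on such a list matters.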
