A brute force attack is an attempt to gain unauthorized access to a system or data by simply trying out all possible combinations of access credentials (such as passwords or encryption keys) until the right one is found. Hence the “brute” force: there is not much sophistication here; the idea is rather to exhaust the possibility space by trial and error.
Hackers or intruders must resort to brute force attacks if they have no better knowledge of the target system that would allow them to use a more focused approach.
There is no single silver bullet to protect a system or service against brute force attacks, but a number of technical and organizational measures taken together can reduce the risk to a minimum. Some of those measures are:
- the use of strong passwords,
- lockout functions implemented in the access management system,
- limiting the number of login attempts,
- two-factor authentication (2FA) or multi-factor authentication.
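
The lockout and login-attempt limits from the list above, as an added example that is not part of the original page: a per-account limiter that locks an account temporarily after repeated failures within a time window. The class name, thresholds and in-memory storage are assumptions chosen for illustration.

```python
import time
from collections import defaultdict, deque


# Hypothetical example class; names and default thresholds are assumptions.
class LoginThrottle:
    """Per-account failed-login limiter with temporary, escalating lockout."""

    def __init__(self, max_failures=5, window=300.0, base_lockout=60.0,
                 max_lockout=3600.0, clock=time.monotonic):
        self.max_failures, self.window = max_failures, window
        self.base_lockout, self.max_lockout = base_lockout, max_lockout
        self.clock = clock                   # injectable so tests can control time
        self._failures = defaultdict(deque)  # account -> times of recent failures
        self._lockouts = defaultdict(int)    # account -> lockouts since last success
        self._locked_until = {}              # account -> time the lockout ends

    def retry_after(self, account):
        """Seconds until the account may try again (0.0 if not locked)."""
        until = self._locked_until.get(account)
        return 0.0 if until is None else max(0.0, until - self.clock())

    def record_failure(self, account):
        """Count a failed attempt; return the lockout length it triggers, or 0.0."""
        now = self.clock()
        recent = self._failures[account]
        recent.append(now)
        while now - recent[0] > self.window:  # drop failures outside the window
            recent.popleft()
        if len(recent) < self.max_failures:
            return 0.0
        # Every further lockout doubles in length, capped at max_lockout.
        duration = min(self.base_lockout * 2 ** self._lockouts[account],
                       self.max_lockout)
        self._lockouts[account] += 1
        self._locked_until[account] = now + duration
        recent.clear()
        return duration

    def attempt(self, account, password_ok):
        """Return 'locked', 'ok' or 'denied' for one login attempt."""
        if self.retry_after(account) > 0:
            return "locked"  # refused regardless of the password, so guessing stalls
        if password_ok:
            for state in (self._failures, self._lockouts, self._locked_until):
                state.pop(account, None)  # success resets the account's history
            return "ok"
        self.record_failure(account)
        return "denied"
```

Because the lockout expires on its own, someone who deliberately fails logins against an account can only block its owner for a limited time.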