Security Beginner

What is Brute Force Attack?

An attack method that systematically tries all possible combinations of passwords or keys until the correct one is found.

Brute force attacks try every possible password combination. Simple brute force tries all character combinations. Dictionary attacks use common passwords. Hybrid attacks combine dictionary words with modifications (numbers, symbols).

Protection includes strong passwords (length over complexity), account lockout policies, progressive delays, CAPTCHAs, two-factor authentication, and rate limiting. Password hashing with bcrypt/Argon2 makes each attempt computationally expensive.

Related Terms

A social engineering attack that uses fraudulent communications to trick people into revealing sensitive information or installing malware.

Two-Factor Authentication (2FA)

A security method requiring two different forms of identification before granting access to an account.

Content Security Policy (CSP)

An HTTP security header that controls which resources a browser is allowed to load for a web page, preventing XSS and data injection.

Session Hijacking

An attack where an adversary takes over a legitimate user session by stealing or predicting the session identifier.

Principle of Least Privilege

A security principle where users and programs receive only the minimum access rights needed to perform their specific tasks.

Secret Management

The practice of securely storing, accessing, and rotating sensitive credentials like API keys, passwords, and certificates.

View All Security Terms →