
Security Beginner

What is Brute Force Attack?

An attack method that systematically tries all possible combinations of passwords or keys until the correct one is found.

Brute force attacks work through candidate passwords until one matches. Simple brute force tries every character combination. Dictionary attacks try lists of common passwords. Hybrid attacks combine dictionary words with modifications (numbers, symbols).

Protections include strong passwords (favoring length over complexity), account lockout policies, progressive delays, CAPTCHAs, two-factor authentication, and rate limiting. Hashing stored passwords with bcrypt or Argon2 makes each guess computationally expensive.
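The progressive-delay and lockout defenses listed above can be combined in one per-account throttle. The following is an added example, not code from this glossary; the class name, the policy values (1 s base delay doubling to a 60 s cap, a 15-minute lockout from the 10th consecutive failure) and the in-memory store are assumptions chosen for illustration.

```python
import time


class LoginThrottle:
    """Per-account progressive delay plus temporary lockout (illustrative policy)."""

    def __init__(self, base_delay=1.0, max_delay=60.0, lockout_after=10,
                 lockout_seconds=900.0, clock=time.monotonic):
        self.base_delay = base_delay
        self.max_delay = max_delay
        self.lockout_after = lockout_after
        self.lockout_seconds = lockout_seconds
        self.clock = clock            # injectable so the policy can be tested
        self._state = {}              # account -> (failures, not_before)

    def retry_after(self, account):
        """Seconds the caller must still wait; 0.0 means an attempt is allowed."""
        _, not_before = self._state.get(account, (0, 0.0))
        return max(0.0, not_before - self.clock())

    def record_failure(self, account):
        """Count a failed login and return the wait imposed before the next try."""
        failures = self._state.get(account, (0, 0.0))[0] + 1
        if failures >= self.lockout_after:
            wait = self.lockout_seconds                    # temporary lockout
        else:                                              # 1, 2, 4, ... capped
            wait = min(self.max_delay, self.base_delay * 2 ** (failures - 1))
        self._state[account] = (failures, self.clock() + wait)
        return wait

    def record_success(self, account):
        """A correct login clears the failure history for that account."""
        self._state.pop(account, None)


def time_to_try(n_guesses, **policy):
    """Simulated seconds needed to submit n failed guesses against one account."""
    now = [0.0]                                            # fake clock
    throttle = LoginThrottle(clock=lambda: now[0], **policy)
    for _ in range(n_guesses):
        now[0] += throttle.retry_after("alice")            # wait out the delay
        throttle.record_failure("alice")
    return now[0]


if __name__ == "__main__":
    for n in (5, 10, 100):
        print(f"{n:>3} failed guesses take at least {time_to_try(n):.0f} s")
```

Because the counter is keyed on the account alone, anyone can trigger the lockout for a known username, which is why this kind of throttle is normally paired with per-source rate limiting and two-factor authentication.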

Related Terms

Content Security Policy (CSP)
An HTTP security header that controls which resources a browser is allowed to load for a web page, preventing XSS and data injection.
Principle of Least Privilege
A security principle where users and programs receive only the minimum access rights needed to perform their specific tasks.
JWT (JSON Web Token)
A compact, self-contained token format used for securely transmitting information between parties as a JSON object.
Input Validation
The process of verifying that user-supplied data meets expected formats, types, and ranges before processing it.
DDoS (Distributed Denial of Service)
An attack that floods a target server or network with traffic from multiple sources to overwhelm it and deny service to legitimate users.
DAST (Dynamic Application Security Testing)
Testing a running application from the outside by sending malicious requests to discover security vulnerabilities.