Brute Force Attack
An attack method that systematically tries all possible password combinations until the correct one is found.
Full Definition
A brute force attack is a trial-and-error method used to decode encrypted data, crack passwords, or find hidden web pages by systematically trying every possible combination. While computationally intensive, modern hardware and cloud computing have made brute force attacks increasingly viable against weak passwords.
Variants include the dictionary attack (using lists of common passwords), reverse brute force (using a known password against many accounts), and credential stuffing (using real leaked credentials). Attackers often use botnets to distribute requests across thousands of IPs to avoid rate limiting and IP blacklisting.
Defenses include strong password policies, account lockout thresholds, CAPTCHA, and multi-factor authentication. Monitoring for high-frequency failed authentication attempts is a common detection technique.
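The failed-authentication monitoring mentioned above, as an added example (not from the original page): it counts failures per account as well as per source IP, because a per-IP limit alone misses attempts spread across many addresses. The thresholds, alert names and log events are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# All thresholds are assumptions for illustration; tune them to your own baseline.
WINDOW = timedelta(minutes=5)  # look-back window
MAX_FAILS_PER_USER = 5         # failed logins against one account
MAX_USERS_PER_IP = 4           # distinct accounts failed from one source IP

def build_sample():
    """Constructed events: (timestamp, result, user, source_ip)."""
    t0 = datetime(2024, 1, 1, 12, 0, 0)
    ev = [(t0 + timedelta(seconds=10 * i), "FAIL", "alice", "198.51.100.7")
          for i in range(6)]                      # one IP, one account
    ev += [(t0 + timedelta(seconds=20 * i), "FAIL", "bob", f"203.0.113.{i + 1}")
           for i in range(6)]                     # many IPs, one account
    ev += [(t0 + timedelta(seconds=30 * i), "FAIL", f"user{i}", "192.0.2.50")
           for i in range(5)]                     # one IP, many accounts
    ev += [(t0, "FAIL", "carol", "192.0.2.99"),   # benign typo, then success
           (t0 + timedelta(seconds=5), "OK", "carol", "192.0.2.99")]
    return ev

def recent(bucket, now):
    """Drop entries older than WINDOW in place and return the bucket."""
    bucket[:] = [(t, v) for t, v in bucket if now - t <= WINDOW]
    return bucket

def detect(events):
    """Return a set of (alert_kind, subject) tuples for failed-login bursts."""
    by_user, by_ip, alerts = defaultdict(list), defaultdict(list), set()
    for ts, result, user, ip in sorted(events):
        if result != "FAIL":
            continue
        by_user[user].append((ts, ip))
        by_ip[ip].append((ts, user))
        fails = recent(by_user[user], ts)
        if len(fails) >= MAX_FAILS_PER_USER:
            # Per-account counting still fires when each IP sends one request.
            ips = {v for _, v in fails}
            kind = "brute_force" if len(ips) == 1 else "distributed_brute_force"
            alerts.add((kind, user))
        users = {v for _, v in recent(by_ip[ip], ts)}
        if len(users) >= MAX_USERS_PER_IP:
            alerts.add(("one_ip_many_accounts", ip))
    return alerts

if __name__ == "__main__":
    for alert in sorted(detect(build_sample())):
        print(alert)
```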
Related Terms
Credential Stuffing
Automated injection of stolen username/password pairs to gain unauthorized access to accounts.
Attack Types
Password Spraying
An attack that tries a single common password against many accounts to avoid lockout detection.
Attack Types
Account Takeover (ATO)
Unauthorized access to a user account by exploiting stolen credentials.
Attack Types
Multi-Factor Authentication (MFA)
A security mechanism requiring two or more forms of verification before granting access.
Defensive Security