wisemonkeys logo
FeedNotificationProfileManage Forms
FeedNotificationSearchSign in
wisemonkeys logo

Blogs

What is Brute Force Attack? How to defend against it?

profile
Taha Chatriwala
Feb 07, 2019
0 Likes
0 Discussions
587 Reads

What is Brute Force Attack?

Brute force attack is one of the password guessing attacks wherein the attacker tries to get access to a server or website by constantly trying various combinations of usernames and passwords. It is a trial and error approach hoping to get correct combination of user credentials.

Let’s get practical:

Suppose you know username of a website is “admin”, now you just have to guess the password for a successful login.  The password field nowadays contains at least 8 Alphanumeric characters. Considering this how much time do you think it will take to crack this password? There are 26 alphabets in English. Double them as password will contain both UPPER and lower cases, so we have 26+26 = 52 characters. Now there are 10 numeric digits (i.e. 0-9). Adding them: 52+10=62 So, there are total 62 possible characters for each character of password. For 8-character-password, it will be (62)8 which will make 218,340,105,584,896 (i.e. 218 trillion) possible combinations. If we attempt 218 trillion combinations at one try per second, it would take 218 trillion seconds or 3.6 trillion minutes. In other words, just around 7 million years would be required to crack the password with the final combination. Now Suppose your computer tries 1000 combinations per second that will still take 7 thousand years. If we increase the capacity of the computer and make it a supercomputer that attempts 1 billion combinations per second (ofcourse hypothetically) then it will just take 22 seconds to crack the password. There you have it your correct password in 22 seconds. But wait, what if password contains special characters or is 10 characters long, then it will create 171.3 quintillion (1.71 x 1020) possibilities. Using a processor that tries 10.3 billion hashes per second, cracking the password would take approximately 526 years You can check how long it will take to crack your password here : https://www.betterbuys.com/estimating-password-cracking-times/ Just enter your password and it will show you the time required to crack it.  

How to defend against brute force attacks?

  • Increase password length and complexity:

    The longer the password is the more difficult it is to crack. You should try to have a password which:
    • Contains 12-16 characters.
    • Contains atleast 1 Capital and 1 lower case character.
    • Contains numbers and special characters.

  • Implement 2 factor authentication:

    Two factor authentication ads an extra layer of security while signing in, so that even if your password is compromised no one will be able to sign in to your account except for you.

  • Limit Sign in attempts:

    If you are a developer, you can limit the number of login attempts made on your site to prevent brute force attacks.

  • Use Captcha:

    Captcha helps in verifying whether the attempts are made by human or a bot who is continuously trying login combinations.
Found it Interesting? Got Something to ask?? Feel free to comment it below. Stay Secure ! Stay Happy !! For more CyberSec Blogs :- CLICK HERE

Comments ()

Sign in

Read Next

Zero Trust Security Model: Revolutionizing Cybersecurity in the Digital Age

Blog banner

Review on Cyber Forensics and its Analysis Tools

Blog banner

Best Time to Visit Arcadia, Florida & Why Oak Tree Hotel Is Always Ready

Blog banner

Layers Of Blockchain

Blog banner

Top 5 Tech Innovations of 2018

Blog banner

My Favorite Sportsperson

Blog banner

OS DESIGN CONSIDERATIONS FOR MULTIPROCESSOR

Blog banner

All you need to know about Cassandra

Blog banner

The Art of Slow Fashion: Why Patola Defines Sustainable Luxury

Blog banner

5 Common Faults In Construction Tenders

Blog banner

Why Extreme Opinions Are Rising: Psychological Insights into Society’s Divides

Blog banner

EVOLUTION OF MICROPROCESSOR

Blog banner

Virtual machine.

Blog banner

Incorporating Automation into Digital Forensics.

Blog banner

Social media

Blog banner

Functions Of Operating Systems

Blog banner

Bharat Maps

Blog banner

What is Vishing?

Blog banner

IO Buffers

Blog banner

Online Education

Blog banner

5 People who claimed to have Time Traveled

Blog banner

Deadlocks in Operating System

Blog banner

Threat management

Blog banner

Solving Problems with AI: The Power of Search Algorithms

Blog banner

5 Powerful Mindset Shifts To Make 2026 Your Breakthrough Year

Blog banner

Types of threads

Blog banner

Synchronization

Blog banner

MODERN OPERATING SYSTEM

Blog banner

Online Games

Blog banner

Cyber Crime Investigation In The Era Of Big Data

Blog banner

ARTICAL ON MANAGEMENT SYSTEM

Blog banner

AI and Data Science: Revolutionizing Industries

Blog banner

Concept and definition of m-commerce

Blog banner

Operating System

Blog banner

Cache memory

Blog banner

Instagram

Blog banner

Unlocking the Secrets: Basic Operations of Computer Forensic Laboratories

Blog banner

Precision-Recall in Data Science

Blog banner

Deadlock and starvation in operating system

Blog banner

Product Discount Calculator

Blog banner

Virtual Memory - Explaination, Working, Steps

Blog banner

Uniprocessor Scheduling

Blog banner