wisemonkeys logo
FeedNotificationProfileManage Forms
FeedNotificationSearchSign in
wisemonkeys logo

Blogs

What is Brute Force Attack? How to defend against it?

profile
Taha Chatriwala
Feb 07, 2019
0 Likes
0 Discussions
587 Reads

What is Brute Force Attack?

Brute force attack is one of the password guessing attacks wherein the attacker tries to get access to a server or website by constantly trying various combinations of usernames and passwords. It is a trial and error approach hoping to get correct combination of user credentials.

Let’s get practical:

Suppose you know username of a website is “admin”, now you just have to guess the password for a successful login.  The password field nowadays contains at least 8 Alphanumeric characters. Considering this how much time do you think it will take to crack this password? There are 26 alphabets in English. Double them as password will contain both UPPER and lower cases, so we have 26+26 = 52 characters. Now there are 10 numeric digits (i.e. 0-9). Adding them: 52+10=62 So, there are total 62 possible characters for each character of password. For 8-character-password, it will be (62)8 which will make 218,340,105,584,896 (i.e. 218 trillion) possible combinations. If we attempt 218 trillion combinations at one try per second, it would take 218 trillion seconds or 3.6 trillion minutes. In other words, just around 7 million years would be required to crack the password with the final combination. Now Suppose your computer tries 1000 combinations per second that will still take 7 thousand years. If we increase the capacity of the computer and make it a supercomputer that attempts 1 billion combinations per second (ofcourse hypothetically) then it will just take 22 seconds to crack the password. There you have it your correct password in 22 seconds. But wait, what if password contains special characters or is 10 characters long, then it will create 171.3 quintillion (1.71 x 1020) possibilities. Using a processor that tries 10.3 billion hashes per second, cracking the password would take approximately 526 years You can check how long it will take to crack your password here : https://www.betterbuys.com/estimating-password-cracking-times/ Just enter your password and it will show you the time required to crack it.  

How to defend against brute force attacks?

  • Increase password length and complexity:

    The longer the password is the more difficult it is to crack. You should try to have a password which:
    • Contains 12-16 characters.
    • Contains atleast 1 Capital and 1 lower case character.
    • Contains numbers and special characters.
  • Implement 2 factor authentication:

    Two factor authentication ads an extra layer of security while signing in, so that even if your password is compromised no one will be able to sign in to your account except for you.
  • Limit Sign in attempts:

    If you are a developer, you can limit the number of login attempts made on your site to prevent brute force attacks.
  • Use Captcha:

    Captcha helps in verifying whether the attempts are made by human or a bot who is continuously trying login combinations.
Found it Interesting? Got Something to ask?? Feel free to comment it below. Stay Secure ! Stay Happy !! For more CyberSec Blogs :- CLICK HERE

Comments ()


Sign in

Read Next

Indian Culture and Tradition

Blog banner

Linux VServer Architecture

Blog banner

memory managment

Blog banner

Security Issues

Blog banner

LEMON PICKLE SWEET AND MILD HOT

Blog banner

Mango Raisin Chutney (sweet mango raisin spread)

Blog banner

Title: Network Sniffing Techniques: Uncovering the Secrets of Data Transfer

Blog banner

Subnet Masking

Blog banner

A Survey of Anti-Forensic Techniques: Methods, Challenges, and Countermeasures

Blog banner

Pipedrive

Blog banner

Sensory Play for Toddlers: Boosting Curiosity Through Touch, Sound, and Colour

Blog banner

10 Signs That Prove YOU are his FIRST priority.

Blog banner

Starvation

Blog banner

Virtual Memory - Explaination, Working, Steps

Blog banner

PROCESS STATES OF OPERATING SYSTEM

Blog banner

EID UL FITR

Blog banner

How covid-19 impacted Social media ad spend forecast globally

Blog banner

World’s rarest passport owned by 500 people.

Blog banner

Memory Management

Blog banner

A book review

Blog banner

ASANA- A Management System.

Blog banner

LIMITED EDITION

Blog banner

Buffering

Blog banner

What Makes Patola the Queen of Silk?

Blog banner

Virtual machine and virtualizing

Blog banner

Protein and Energy: Why Your Workday Diet Needs More of It

Blog banner

Social Media Marketing Trends 2022

Blog banner

Critical success factors

Blog banner

CSI and Organizational Change

Blog banner

Data Lakes: A Key to Modern Data Management

Blog banner

Importance of modern technology era

Blog banner

What is process

Blog banner

Secure Hypertext transfer protocol

Blog banner

Measuring IT Risk

Blog banner

Corporate Discipline.

Blog banner

TOGETHER WE CAN CONQUER #team

Blog banner

Apache Kafka

Blog banner

CONCURRENCY

Blog banner

Game Theory in Blockchain

Blog banner

1 Dentist in Maroubra, Sydney and her 10 obsessions

Blog banner

Why is online marketing is important in current scenario

Blog banner

Palliative and End — of — Life Care: A Psychological and Holistic Perspective

Blog banner