Brute force:How accounts are hacked by simple password

Users with simple and short passwords are the main target of hackers using the brute force method or, in other words, brute force. This rather simple method of hacking often brings results and theoretically allows you to get a password from an account on any service or portal if it is not sufficiently protected.

The danger of brute force

“Brute force” is translated from English as “brute force”, which describes the essence of a brute force attack. During it, all possible password options are selected and this lasts until it is possible to guess it. However, guessing really complex passwords can take several years, which is unlikely to be done by anyone. Therefore, they can almost 100% protect you from successful brute force attempts.

Brute-force attacks are easy to attack with passwords consisting of simple combinations of characters located next to each other on the keyboard. It can be a series of numbers (“123456”) or combinations of letters (“qwerty”). Weak passwords also include those that represent a date (“18051991”) or a meaningful word, especially “admin” and “password”. Even if you choose a Russian word typed with the English layout (“gfhjkm”) as a password, it can also be guessed.

It may take only 2-3 hours to hack an account with a medium password. The simpler the password, the faster the attack will reach its goal. To enumerate passwords, special software is used, which is either created by cybercriminals themselves or borrowed from their colleagues. And previously hacked computers and servers are used as capacities – and, perhaps, they were also hacked with the help of brute force.

An account with a calculated password can be used not only to hack new accounts, but also to send spam. And if we are talking about the account of the site administrator, but after it is hacked, attackers can place malicious code on the site. In addition, the brute force method is used to gain access to secret files or confidential user information.

Brute force protection

Modern systems have fairly reliable ways to protect against brute force attacks on accounts. Limiting login attempts helps to effectively deal with them: for example, if a user typed the wrong login-password pair three times in a row, he will be able to make the next attempt only after 15 minutes. It is also not uncommon for a failed login attempt to prompt the user to complete a captcha , which password cracking malware is unlikely to be able to do.

Two-factor authentication is also widely used. When using it, the user is asked to enter not only a username and password, but also, for example, a code that is sent to his phone number. By the way, we have implemented our own two-factor authentication mechanism using the ” Brutus ” application. Also, for additional confirmation of the user’s identity, the device from which the login is made and the location of the user are taken into account.

However, some systems and applications may not have such safeguards. And then a brute-force attack can be easily carried out, and fixing it is usually not easy. The site administrator should be alerted when an unknown user from the same IP address starts persistently trying to log into the system. You can track this, first of all, with the help of log files. But it is better to make sure that this does not happen at all.

Limit the number of login attempts on your site, use captcha, implement two-factor authentication. And to keep your own accounts safe, use complex passwords of letters, numbers, and symbols. To create such passwords, there are special generators, and password managers can be used to store them securely. And remember to change your passwords at least once a year.

 

You May Also Like:

The Pros and Cons of Building a Software as Service (SaaS) Offering

Why Saas Platforms Are Higher Than Customized Ecommerce App Lastly, the combination of on-premise knowledge contained inside in-house legacy methods Read more

The Advantages and Disadvantages of Machine Learning

Unsupervised Learning Disadvantages If you wish to type your individual residence, this is a course that may help you learn Read more

Cybersecurity: Explaining the Pros and Cons of hiring a CISO

Hire The Best Cisco Engineers In May 2021 has been created for anybody who needs to study ethical hacking from Read more

5 Common Problems with the Implementation of SaaS and How to Fix It

Information Quality Administration Applications corresponding to UPS, FedEx, US Postal Service, and so on. provide free monitoring of packages on-line. Read more

Most Common Data Backup Mistakes in 2021

7 Reasons Why Information Backup Is Essential For Your Corporation There are several different institutes like Punjab University, UIET, etc Read more

DIGITAL SIGNATURE CERTIFICATE FOR GST

Digital Signature Certificate for GST is utilized to record GST effectively and goes presumably as a substitute for the made Read more

Prevent Risks and Malicious Codes from WordPress Themes
headless-wordpress-themes

In order to stay your website safe, you’ll 1st get to recognize what you’re up against. As such, it’s very Read more

OnePlus TVs are now available in Different Size
one plus TV

The OnePlus brand, which has established itself as one of the best smartphone brands, is now entering the smart TV Read more

Magento vs Shopify vs Woocommerce: Know the Best Platform
Magento vs Shopify vs Woocommerce: Which Is the Best E-Commerce Platform for Your Business?

The fact that there are so many eCommerce website development platforms available on the internet makes deciding which platform to Read more

How To Find An Authentic Repair Shop?
samsung mobile battery, samsung cell phone battery replacement

A lot of technological advancements are happening these days and smartphone have become a very important part of everyone’s life. Read more

Perks Of Early Adoption Of Microsoft Teams

The business world is continually on the lookout concerning which newest collaboration platform is greatly effective. There surely are a Read more

How to Make an Amazon Style App: Features, Technology Stack
Amazon Style App

Everyone enjoys shopping, and being able to do so while sitting at home and with just a few clicks is Read more

How can I extract a contact List for an e-commerce store?
LinkedIn Data Scraper Software

LinkedIn Sale Navigator Extractor is the best data scraper for extracting quality leads contact lists from LinkedIn to increase your Read more

How can I scrape data from Facebook? Facebook Data Scraper
Facebook Data Scraper

Facebook is the biggest social media platform where you can scrape your desired data. Facebook Leads Extractor is the best Read more

How to Make a Food Delivery App – Tips to Follow
How to Make a Food Delivery App - Tips to Follow

People enjoy eating, and what could be better than ordering food from their favorite restaurant while spending time with their Read more

6 Reasons to Choose Bespoke Software Solutions
Software Solutions

One fundamental component that allows businesses to run profitably and efficiently is the software solution suite they use. The demand Read more

Social media strategies for success on social platforms
Social media strategies

“What do you mean; you're not on social media yet? You have to be there; it's a great lever to Read more

Challenges and Plus points of Elearning Training systems
Challenges and Plus points of Elearning Training systems

When was the final time you joined a entire face-to-facial teaching work shop? You by which your co-contributors, in addition Read more

Future of Telecom Sector in India

There is no denying the fact that the telecom sector in India will play a very important role in the Read more

CNC Lathe Machine: A Comprehensive Guide
CNC Lathe Machine

A lathe machine can be used to carry out different parts of operations, such as cutting or drilling, which means Read more