A password attack that does
not attempt to decrypt any
information, but continue to
try different passwords. For
example, a brute-force attack
may have a dictionary of all words or a listing of
commonly used passwords. To
gain access to an account using
a brute-force attack, a
program tries all available
words it has to gain access to the account. Another type of
brute-force attack is a
program that runs through all
letters or letters and numbers
until it gets a match. Although a brute-force attack
may be able to gain access to
an account eventually, these
attacks can take several hours,
days, months, and even years
to run. The amount of time it takes to complete these
attacks is dependent on how
complicated the password is
and how well the attacker
knows the target. To help prevent brute-force
attacks many systems will
only allow a user to make a
mistake in entering their
username or password three
or four times. If the user exceeds these attempts, the
system will either lock them
out of the system or prevent
any future attempts for a set
amount of time.
No comments:
Post a Comment