GLOSSARY / Brute-Force Attack
What is Brute-Force Attack?
Systematically trying many passwords or keys until the correct one is found.
Brute forcing ranges from exhaustive guessing to dictionary attacks using common passwords. Related techniques include credential stuffing (reusing leaked passwords) and password spraying (one password against many accounts).
Strong, unique passwords and rate limiting make brute force impractical.
How to defend
Enforce MFA, account lockout/rate limiting, long unique passwords, and screen against breached-password lists.
Related free tools
Related terms
Part of the Ciphers Security glossary. Free reference for analysts, defenders & learners.