Welcome to ITS! Learn more about our strategic partnership with Afineol!

Marketing Team

By: Marketing Team on January 16th, 2021

Print/Save as PDF

Password Protection: Brute Force Entry Explained

Cybersecurity

Brute force entry attacks are a growing concern. Learn about these attacks and how to avoid them before you get attacked!

We have all heard it before when it comes to passwords. We know to make them long and complicated and not to use common information. But do you know why these rules exist and how to make your password safe from common attacks? 

Password Basics

Your password is your key to opening the lock into your data. If you have a good key then others will not be able to copy that key. However, too many people use similar keys that make them easy to recreate.

Now, you might have password management, but today let's talk about brute force entry.

This is a different kind of attack than a socially engineered attack.

A social-engineered attack begins with getting information from places like social media. This could become a way to get things like pet’s names, old car information, mother’s maiden name, or other common pieces of security information. This can then be used to guess a password or open security questions and take your data.

Brute Force entry, however, is a machine-based attack.

Brute Force Entry Attacks Explained

A padlock with a laptop on the background

So let’s say that you have a lock on your house. Anyone with a key could come up and try to open your lock. The vast majority of those keys won’t work. But if you let 10 million people come up and try their key on your door then the chances of it opening become much higher.

This is the idea behind a brute force entry attack.

A brute force entry attack is done with a computer program that is about to pound thousands of common password combinations in no time.

Imagine that you had a lock for a gate that held a 4 digit combination. This kind of attack is the equivalent of someone entering “0-0-0-0”, then “0-0-0-1”, “0-0-0-2”, and so on until it unlocks. Eventually, after thousands of tries, you will get that lock open. 

So a computer program will use a common password dictionary, and other uploaded files to try again and again to get into your system. Computers can do this a million times in no time at all, and if you don’t have a limit in password attempts, then it is likely that eventually, the computer will crack it.

Brute force attacks are very effective unless you take the right approaches to password protection.

Avoiding a Brute Force Attack

The best way to avoid a brute force attack is the common password wisdom.

  • Make a long password
  • Use a variety of symbols, capitals, etc.
  • Don’t use real information
  • Make it complicated or random

People are aware of these tips but then still make combinations that are simply too easy. This is why we recommend using a password generator and password manager.

Let’s just show an example of a strong and weak password. The weak password will be created by a human and the strong one done by a computer generator.

Which one of these passwords do you think is more secure?

CancunFamilyTrip2015!

Or 

>rhmfN#_vW]5L@bHAD~(x

The first password style is very common. It does reach all the checkmarks of a “safe” password though. It’s 21 characters long, which is a great length, has a couple of capital letters, numbers, and even a symbol.

However, compared to the second password, it is easy to see the difference. Both passwords are the same length, and follow the same criteria, but which one do you think will be easier to break?

Once again, brute force programs have logs of common password combinations, English words, and more to help them break-in. There is no common combination in the second password, where the first is likely much more common.

Takeaways

Password protection is more important than you may realize. It only takes one mistake to have all your data stolen or have your business collapse. This is why you always need to take password protection seriously.

Brute force attacks are only one common way that people get into your system. Learn more about common cybersecurity tactics and how to stay safe online! 3 Types of Cybersecurity Solutions your Business Must Have