Cybersecurity Glossary

What is a Brute-Force Attack?

A brute-force attack is a computer attack that relies on the massive use of computing resources to evade a security check.

The use of brute-force attacks is mainly associated with passwords. A brute-force attack can attempt to guess a system’s authentication password by trying millions of user and password combinations.

Applied to cryptography, and when the algorithm used is known, a brute-force attack consists of generating random passwords until the original one is obtained. In this case, it is often referred to as password cracking.

Brute-force attacks can be performed online, against running systems, to guess a password and gain remote access (SSH services, databases, RDP, web applications, etc.), or offline, against encrypted password hashes. These attacks are often carried out using so-called “dictionaries”, files containing generic or thematic passwords, and software that exploits the full power of the GPU, the graphics card’s processor.