What is a Brute Force Attack?
Brute force attacks are the simplest way of breaking into somebody’s account. They’re able to be used against anything protected by a password, and many websites and services don’t have proper protection against them. Here’s a breakdown of the basic step-by-step process.
- Identify the minimum number of characters for a password
- Guess every single possible combination of characters
- Add another character if unsuccessful
- Return to step 2 until successful
Why would somebody want to do a brute force attack?
There are lots of different things protected by passwords; any of these are fair game for brute force attacks. The computational simplicity of the algorithms makes them an attractive option for both small time hackers, and industrial large-scale operations. Here's a small list of vulnerable accounts that you could have right now:
- Bank Accounts
- Social Media Accounts
- Website Admin Profiles
- Email Address
- Work or School Account
If any of these were to be compromised, the damage could be catastrophic. Malicious actors could take your money, shut down your website, hijack your online presence, destroy your personal or professional life, or get you suspended from school. While some of these are more immediately beneficial than others, all of them are likely outcomes if you become compromised.
How to protect against brute force attacks
This is a very serious threat to consider; however, you can easily protect yourself with a few, simple practices. To prevent your accounts from being compromised in this kind of attack, you need to have more than one factor protecting every profile (no matter how trivial), and you need to have strong passwords, and a different password for every account.
In the near future, we plan on outlining not only more threats that you face, but also the most effective way at combating them. We here at Redact believe strongly that privacy is one of our most important rights, and we want to make sure that you’re as safe as possible.