Protect yourself from online brute-force attacks
Owen Yorio
The Cowbell Agency
If you own a website, or have used any type of online account before, you may be familiar with a brute-force attack. If you are unaware, a brute force attack is a common way hackers or malicious sources could try to access your sensitive information. Essentially, nefarious code is executed that attempts hundreds of passwords a second in an attempt to gain access to locked content. There are a few simple ways to protect a website or user from these types of attacks, we’ll go through two of those now.
Good Password Management
The most simple way is to be diligent with your passwords. If your password was created with extra symbols, numbers, and cases, that greatly increases the time it would take for a program to brute force into. There’s a cool website that proves this point with simple math, https://www.passwordmonster.com/. This tool shows how long it would take for a brute-force attack to break a password. Let’s try an easy password, “tomorrow.”
According to this tool, it would take less than a second for a brute-force attack to crack this password, notably because it is an actual word, with no special characters, numbers, symbols, or case changes. Now, let’s try to make this password a bit more secure by trying a different approach.
In doing this, we’ve made our password virtually impossible to break. No need to worry about a brute force attack anymore! This number is astounding by the way, 4 thousand trillion (sextillion) years works out to about 289 billion times longer than the universe has existed for. There are other tools to use that can help you manage complex passwords like this as well, Google Chrome has some built right in.
Lock account after too many login attempts
Most people have encountered this measure before, almost all sites enforce this one by default, others may not. Nearly all websites you could have an account with use this function to protect you, not just to frustrate you when you’ve forgotten your password. So why shouldn’t you use it on your own website if you’re not already?
If you need any help with website security, give us a call or contact us here on the site!