Brute Force Attack
What is a Brute Force Attack on your website?
A brute force attack on your website is a computer generated script that uses a trial and error method to obtain data including but not limited to usernames, passwords, full names, addresses or personal identification numbers (PIN). This automated script created by hackers generates huge numbers of successive guesses to obtain the exact value of the requested data. Brute force attacks can be used as a benefit by an organization to find weak points in their website or a disadvantage by hackers/criminals to gain access to encrypted client or user data.
Other names for a brute force attack can be brute force cracking and brute force.
The best ways to defend against brute force attacks are to require users to create complex passwords, lock out uses that exceed number of failed login attempts (we use 3 maximum failed login attempts and lock these users out indefinitely until they email us requesting their username be turned back on). There are also incredible security plugins such as WordFence that we use on all our client sites. WordFence is one of the best security plugins we work with.