Don’t Ditch the Password Yet: Countering a Brute Force Attack

Security Intelligence -

Don’t Ditch the Password Yet: Countering a Brute Force Attack

There’s been a lot of chatter lately about moving on from passwords. But long passwords are still a good defense against some types of attacks. Brute force attack actors dedicate just a fraction of their efforts to cracking them, a Microsoft researcher found.

The researcher analyzed over 25 million brute force attack attempts that occurred across their employer’s sensor network. What they found means most of these passwords are safe from this particular type of attack. It won’t help if your password has been leaked online, though. It also doesn’t help if your password already exists as part of an attacker’s brute force attack dictionary. But it does count for something. 

“77% of attempts used a password between one and seven characters. A password over 10 characters was only seen in 6% of cases,” the researcher explained, as quoted by The Record.

In his analysis of those attack attempts, the security researcher found that less than half (39%) of the brute force attack attempts involved at least one number. Just 7% of those attack instances contained a special character,

Read More: https://securityintelligence.com/news/brute-force-attack-long-password/