Brute Force Attack
In a brute force attack, a hacker basically tries to guess your password. They don't sit at the keyboard and type all the possible passwords in, they use specialist software that can try thousands of password combinations per second.
They also use other tricks to make the process quicker - trying lists of common passwords, trying real words ( a dictionary attack), trying common number substitutions in real words (eg three becomes thr33), trying passwords they have stolen from other sites.
To defend against this approach you should a) use long passwords with letters in both cases, numbers and symbols, b) not use regular words and c) use different passwords for each site and application, not the same one for everything
What is a Brute Force attack?
Websites defend against this by:
- Forcing users to use complex passwords
- Limiting the number of attempts users have to enter the correct password
- Encrypting the data, and communications