How to Protect Software From Brute-Force Attacks?

May 18 10:00 2015

It is known that security testing of web software requires more effort than verifying security during desktop testing.

Though web software is more exposed to cyber-attacks due to the peculiarities of web technology, users of mobile and desktop applications want to be sure that their personal and business data are safe as well.

A brute-force attack is one of the popular ways of gaining unauthorized access to somebody’s data in any kind of software. Hackers use a real username and try to guess or pick the password for the user account. It may be hard to do this manually, but there are numerous tools that can be used for this purpose.

Automated testing is often applied to verify whether it is possible to break into the system by means of a brute-force attack. Test engineers use the same tools as hackers.

Experts in web site testing, desktop testing and mobile testing claim that the simplest and most efficient way of dealing with brute-force attacks is to suspend and block the account after several entries of an incorrect password. As a rule, programs allow 3 or 5 attempts: if a wrong password is entered 3 or 5 times, the account is suspended for half an hour or 24 hours.

If the account suspension mechanism works correctly, the software is considered to be protected from brute-force attacks.
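A minimal sketch of the suspension rule described above, added here as an example and not taken from the original article: three consecutive wrong passwords suspend the account for 30 minutes, and the clock is injectable so a test can check both the start and the expiry of the suspension. The class name `LockoutGuard`, its method names, the in-memory storage and the sample account are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import time


class LockoutGuard:
    """Suspend an account after max_failures consecutive wrong passwords."""

    def __init__(self, max_failures=3, lock_seconds=30 * 60, clock=time.monotonic):
        self.max_failures = max_failures
        self.lock_seconds = lock_seconds
        self.clock = clock          # injectable, so a test can advance time
        self._users = {}            # username -> (salt, password hash)
        self._failures = {}         # username -> consecutive wrong passwords
        self._locked_until = {}     # username -> clock value when the lock ends

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def add_user(self, username, password):
        salt = os.urandom(16)
        self._users[username] = (salt, self._hash(password, salt))

    def login(self, username, password):
        """Return "ok", "denied" or "locked"."""
        now = self.clock()
        until = self._locked_until.get(username)
        if until is not None:
            if now < until:
                return "locked"     # refused even if the password is right
            del self._locked_until[username]    # suspension has expired
            self._failures.pop(username, None)
        # Unknown names get a dummy record so they are hashed and counted too.
        salt, stored = self._users.get(username, (b"\0" * 16, b""))
        if hmac.compare_digest(self._hash(password, salt), stored):
            self._failures.pop(username, None)  # success resets the counter
            return "ok"
        self._failures[username] = self._failures.get(username, 0) + 1
        if self._failures[username] >= self.max_failures:
            self._locked_until[username] = now + self.lock_seconds
            return "locked"
        return "denied"


if __name__ == "__main__":
    guard = LockoutGuard()          # 3 attempts, 30-minute suspension
    guard.add_user("alice", "s3cret-Example")   # constructed sample account
    print([guard.login("alice", g) for g in ("a", "b", "c", "s3cret-Example")])
```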

About Article Author

Nataliia Vasylyna

1 Comment

  1. Tanya Green
    February 08, 12:17 #1

    Looks interesting
