Brute force attack excuses

Ramekin & cream

When you hear of “Brute force attacks”, you can generally find flaws.

First off a brute force attack can EASILY be avoided by a correctly configured server or firewall.

If the server can’t raise an alert or throttle a brute force attack after say 5 wrong attempts it’s really badly configured.

With that in mind:

Companies who sell security products for example with:

To offer better security by mitigating brute force attacks on the client side, are wrong.

Conclusion: Brute force attacks in most cases should be handled by extra logic in the server, not the user.


If you like this, you might like the stateless Web kiosk software I develop. Webconverger typically replaces Windows on PCs and is deployed in public and business environments for ease of deployment and privacy. Once installed it auto-updates making it painless to maintain. Try it where you exclusively use the only viable open platform... the Web!