Brute force attack excuses

Ramekin & cream

When you hear of “Brute force attacks”, you can generally find flaws.

First off a brute force attack can EASILY be avoided by a correctly configured server or firewall.

If the server can’t raise an alert or throttle a brute force attack after say 5 wrong attempts it’s really badly configured.

With that in mind:

Companies who sell security products for example with:

To offer better security by mitigating brute force attacks on the client side, are wrong.

Conclusion: Brute force attacks in most cases should be handled by extra logic in the server, not the user.


If you like this, you might like the opensource software Web kiosk software I develop. It's very useful in public and business environments for ease of deployment and privacy.