Brute force attack excuses

Ramekin & cream

When you hear of “Brute force attacks”, you can generally find flaws.

First off a brute force attack can EASILY be avoided by a correctly configured server or firewall.

If the server can’t raise an alert or throttle a brute force attack after say 5 wrong attempts it’s really badly configured.

With that in mind:

Companies who sell security products for example with:

To offer better security by mitigating brute force attacks on the client side, are wrong.

Conclusion: Brute force attacks in most cases should be handled by extra logic in the server, not the user.

Advertisement

If you like this, you might like the stateless Web kiosk software I develop. Webconverger typically replaces Windows on PCs and is deployed in public and business environments for ease of deployment and privacy. Once installed it auto-updates making it painless to maintain. Try it where you exclusively use the only viable open platform... the Web!