this post was submitted on 17 Feb 2024
136 points (96.6% liked)
techsupport
2469 readers
3 users here now
The Lemmy community will help you with your tech problems and questions about anything here. Do not be shy, we will try to help you.
If something works or if you find a solution to your problem let us know it will be greatly apreciated.
Rules: instance rules + stay on topic
Partnered communities:
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I'm actually surprised that it'd be feasible to use a brute force approach to gain access to an online account. I would expect them to hit some kind of rate-limiting long before they'd find the correct password
Brute force attacks are usually done offline, where the attacker somehow gets a copy of a database of hashed passwords and they can take as many attempts as they want locally before they get a hit and can try it online.
Looking at my history, they're hours or a day apart. Probably no chance of getting into any halfway decent password that way, but if they can automate it with thousands of different email addresses, eventually they'd get an account with a weak password and get in.