Brute force is a straight forward strategy to solving a problem, it’s also called as ‘Exhaustive Search’ in which you try all possibilities to reach solution of a problem. In Brute force attack, attacker systematically checks all possible passwords and passphrases until the correct one is found. Alternatively, the attacker can attempt to guess the key, which is typically created from the password using a key derivation function. This is known as an exhaustive key search . Let’s say password has eight alphanumeric characters which includes uppercase and lowercase letters. The possible character set we will be use 26 x 2 alphabets (ucase + lcase) = 52 characters. So it will take 52 8 attempts to crack the password. As per Stricture Consulting Group, 25-GPU cluster achieved a brute force attack with speed of 350 billion guesses per second, allowing them to check 95 8 password combinations in 5.5 hours.
