Why Isn't a Timer Capable of Preventing Brute Force

This page summarizes the projects mentioned and recommended in the original post on /r/AskComputerScience
John Hack C Hacking Ripper

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • THC-Archive

    All releases of the security research group (a.k.a. hackers) The Hacker's Choice

    It is possible to brute force logins online, using something like Hydra, but many site already lockout an IP address after X failed login attempts.

  • john

    John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

    However, most credential brute forcing takes place offline against a leaked database from some site. A program like John the Ripper is used to try hashing each word in a dictionary until it matches the entries in the database. Because this all happens offline, there's no mechanism in place to delay the attempts or lock the user out.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts