The Brute Force Attack seeks to determine an unknown value – such as a user name, password, or key – by using an automated process to try many possible values. This type of attack takes advantage of the fact that the number of actual values is typically smaller than perceived; for example, while an 8-character alphanumeric password can have 2.8 trillion possible values, many people will select their passwords from a much smaller subset consisting of common words and terms.
A Brute Force Attack can also be used to attempt to decrypt encrypted data. These kinds of attacks can be made less effective by obfuscating the data to be encoded, making it more difficult for an attacker to recognize when the code has been cracked or by making the attacker do more work to test each guess. One of the measures of the strength of an web security statistics 2016 https://info.whitehatsec.com/rs/675-YBI-674/images/WH-2016-Stats-Report-FINAL.pdf">encryption system is how long it would theoretically take an attacker to mount a successful brute force attack prevention against it.