A common practice for hackers looking to break into an organization's website or email accounts is a systematic trial-and-error approach to guess the user's password. In such scenarios, the hacker writes a small application that tries different character combinations for the password. For example, if the hacker wants to hack the email firstname.lastname@example.org, the application will try to log into that account with the following passwords: "aaaa", "aaab", "aaac", "aaad", and then "baaa", "baab", "baac", etc.
With this approach, which is called a "brute force attack", the hacker will take a long time but will eventually break through and find the right password for the email account. The question is how we at "Softex" help protect our customers from such attacks. In fact, we have a brute force protection mechanism on all of our servers that works as follows:
When anybody tries to log on to a Softex server with more than 25 wrong passwords from the same IP within a short time, our servers automatically block this IP for 30 minutes. During these 30 minutes, even if the hacker keeps trying and guesses the password correctly, the system will not let him in. If he still tries wrong passwords, Softex servers will automatically block him with more penalties (another 30 minutes with each 20 wrong passwords he tries).
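
The lockout rule described above, sketched in Python as an added example (not Softex's own code). The 10-minute window, the in-memory storage and the class and method names are assumptions, and the penalty is read here as extending the block by 30 minutes for every 20 further wrong passwords.

```python
import time

# Thresholds stated in the article.
MAX_FAILURES = 25          # more than this many wrong passwords triggers a block
BLOCK_SECONDS = 30 * 60    # initial block, and the size of each extra penalty
PENALTY_EVERY = 20         # wrong passwords during a block that add a penalty
# Assumption: the article only says "a short time"; 10 minutes is a placeholder.
WINDOW_SECONDS = 10 * 60


class BruteForceGuard:
    """Tracks failed logins per source IP (illustrative, in-memory only)."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.failures = {}  # ip -> timestamps of recent wrong passwords
        self.blocks = {}    # ip -> [blocked_until, wrong passwords while blocked]

    def is_blocked(self, ip):
        entry = self.blocks.get(ip)
        if entry is None:
            return False
        if self.clock() >= entry[0]:
            # Block expired: forget the IP's history and start fresh.
            del self.blocks[ip]
            self.failures.pop(ip, None)
            return False
        return True

    def attempt(self, ip, password_ok):
        """Record one login attempt; return True only if it is let in."""
        now = self.clock()
        if self.is_blocked(ip):
            if not password_ok:
                entry = self.blocks[ip]
                entry[1] += 1
                if entry[1] % PENALTY_EVERY == 0:
                    entry[0] += BLOCK_SECONDS  # another 30 minutes
            return False  # a correct password is refused too while blocked
        if password_ok:
            return True
        # Keep only failures inside the sliding window, then add this one.
        recent = [t for t in self.failures.get(ip, []) if now - t < WINDOW_SECONDS]
        recent.append(now)
        self.failures[ip] = recent
        if len(recent) > MAX_FAILURES:
            self.blocks[ip] = [now + BLOCK_SECONDS, 0]
        return False
```

The counter is keyed on the source IP only, as in the article, so every client behind that address shares one counter and one block.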
This is how we protect our customers against brute force attacks, but sometimes this mechanism backfires on us. How is this possible? We will let you know how below.