If I enter a password wrong thrice, the system locks me out. How are hackers able to attempt millions of combinations of passwords without the system locking them out?

435 viewsOtherTechnology

If I enter a password wrong thrice, the system locks me out. How are hackers able to attempt millions of combinations of passwords without the system locking them out?

In: Technology

8 Answers

Anonymous 0 Comments

As others have mentioned, it is true that there are many ways to hack account without interacting with the login page, but bruteforcing is still a thing.

Usually a hacker will use a leaked database of credentials and attempt to use them on login pages on websites.

The website will block after 3 attempts, but how does it know it was the same computer each time? Because you used the same cookie! If you delete your cookie and try again you will have more attempts, guarenteed. After a certain amount of cookie resets, the website will block your ip, and this point, you will need proxies to rotate your ip address.

All hackers do is rotate ip addresses and cookies to appear to be multiple different computers. Advanced security systems can block this using other identifiers and methods, and it gets very complicated… this is my job 🙂

You are viewing 1 out of 8 answers, click here to view all answers.