7 days of WordPress plugins, themes & templates - for free!* Unlimited asset downloads! Start 7-Day Free Trial

Next lesson playing in 5 seconds

  • Overview
  • Transcript

3.14 Brute-Force Attacks

Brute-force attacks are not part of the OWASP security report, but they're relevant because they might be used to mitigate other defenses. The proper way to defend against brute-force attacks is to throttle any user access attempts. I'll discuss the strategy of banning accounts that have too many invalid attempts, as well as how to make sure that passwords are strong and stored securely on the website to prevent exposure.