How to protect your password from brute force attacks

Hello everyone!

Data is becoming the world’s most valuable resource and the methods hackers use to steal it are more diverse and numerous than ever before: they move beyond basic brute force attacks using smarter algorithms and more powerful machines. And yet as the hacks reveal, several users still choose the ‘123456’ combination as the password.

In this tutorial we will describe how to obligate users of your ONLYOFFICE cloud to set stronger passwords, less susceptible to being cracked via brute force attacks.


Before we go ahead

Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.

Password strength is a measure of the effectiveness of a password against guessing or brute-force attacks. In its usual form, it estimates how many trials an attacker who does not have direct access to the password would need, on average, to guess it correctly.

Configuring the password strength settings
  1. Access the admin Settings clicking the icon at the top or using the drop-down list in the top left corner and selecting the corresponding option. Then follow Security >> Portal Access >> Password Strength Settings.
  2. Use the Minimum password length bar to determine how long the password should be. By default, it is set to 6 characters.
  3. Determine the character set to use in the password checking the appropriate boxes: capital letters, digits, special characters.


 
Click the Save button at the bottom to make the parameters take effect.

Useful Tips

Tip #1. The more characters, the stronger the password. According to the research 9-character passwords take five days to break, 10-character words take four months, 11-character passwords take 10 years. Add one more letter to increase the time up to 200 years.

Tip #2. Passwords are typically case-sensitive, so a strong password must contain letters in both uppercase and lowercase.

Tip #3. Do not add any personal information, no dictionary words.

Tip #4. Use a mix of characters to make your passwords more cryptic.

Tip #5. Do not practice common habits: 3 instead of e, 4 or @ instead of a, etc. Smarter brute force algorithms consider it.

Tip #6. Enable two-factor authentication. It will add an extra security level if you get hacked. Read here for details.

For more password security tips and tricks, read this article. To learn more about ONLYOFFICE security settings, please visit our Help Center.

Tati

Recent Posts

ONLYOFFICE Documents 5.0 for iOS is released

Great news, everyone! The version 5.0 of our free app ONLYOFFICE Documents for iOS is now available for download. Here’s…

4 days ago

ONLYOFFICE connector for ownCloud: welcome the new version

Good news, everyone! We’ve updated ONLYOFFICE integration app for ownCloud to version 3.0.1, offering you a few useful improvements. Learn…

6 days ago
  • Documents
  • Documents
  • Integration
  • Integration
  • Partnership
  • Partnership
  • What's new
  • What's new
  • What's new

ONLYOFFICE connector for Nextcloud v.3.0: watermarks, Mail Merge, demo server, and more

Hello everyone! We’ve updated ONLYOFFICE integration app for Nextcloud to version 3.0, with several cool features released. Read this post and…

1 week ago

ONLYOFFICE Editors v5.4: new features and where to find them

Great news, everyone! Version 5.4 of ONLYOFFICE Online Editors is already available with a lot of enhancements, including improved charts,…

3 weeks ago

ONLYOFFICE Summer 2019 Roundup

Hello everyone! Read this post to take a look at the latest releases, partnerships, events and other stories from ONLYOFFICE.…

3 weeks ago
  • Events

Busy autumn: ONLYOFFICE en route to conferences in Germany

Hello! Upcoming autumn months are going to be extremely productive for ONLYOFFICE team. Our schedule includes four important events in Berlin…

4 weeks ago

This website uses cookies. By continuing to browse the website you agree to our privacy policy.

our privacy policy