How to protect your password from brute force attacks

Hello everyone!

Data is becoming the world’s most valuable resource and the methods hackers use to steal it are more diverse and numerous than ever before: they move beyond basic brute force attacks using smarter algorithms and more powerful machines. And yet as the hacks reveal, several users still choose the ‘123456’ combination as the password.

In this tutorial we will describe how to obligate users of your ONLYOFFICE cloud to set stronger passwords, less susceptible to being cracked via brute force attacks.


Before we go ahead

Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.

Password strength is a measure of the effectiveness of a password against guessing or brute-force attacks. In its usual form, it estimates how many trials an attacker who does not have direct access to the password would need, on average, to guess it correctly.

Configuring the password strength settings
  1. Access the admin Settings clicking the icon at the top or using the drop-down list in the top left corner and selecting the corresponding option. Then follow Security >> Portal Access >> Password Strength Settings.
  2. Use the Minimum password length bar to determine how long the password should be. By default, it is set to 6 characters.
  3. Determine the character set to use in the password checking the appropriate boxes: capital letters, digits, special characters.


 
Click the Save button at the bottom to make the parameters take effect.

Useful Tips

Tip #1. The more characters, the stronger the password. According to the research 9-character passwords take five days to break, 10-character words take four months, 11-character passwords take 10 years. Add one more letter to increase the time up to 200 years.

Tip #2. Passwords are typically case-sensitive, so a strong password must contain letters in both uppercase and lowercase.

Tip #3. Do not add any personal information, no dictionary words.

Tip #4. Use a mix of characters to make your passwords more cryptic.

Tip #5. Do not practice common habits: 3 instead of e, 4 or @ instead of a, etc. Smarter brute force algorithms consider it.

Tip #6. Enable two-factor authentication. It will add an extra security level if you get hacked. Read here for details.

For more password security tips and tricks, read this article. To learn more about ONLYOFFICE security settings, please visit our Help Center.

Tati

Recent Posts

Nextcloud VM: an easy way to deploy ONLYOFFICE on Nextcloud Server

As you may already know, you can use ONLYOFFICE editors together with Nextcloud. What you may…

2 days ago

How to integrate ONLYOFFICE with Nextcloud on Ubuntu

This guide will describe how to connect ONLYOFFICE and Nextcloud instances to each other via…

3 days ago

OnlyOffice for Linux

Hello everyone, you can download OnlyOffice for Ubuntu and Linux, surprisingly, it’s actually for free.…

3 days ago

How to integrate ONLYOFFICE and Seafile within UCS

With ONLYOFFICE online editors connected to the Seafile Professional instance within UCS, users are able…

3 days ago

ONLYOFFICE: from internal collaboration tool to leading web office suite

In the past 10 years the project rose from an internal collaboration tool for a…

3 days ago

How to integrate Alfresco with ONLYOFFICE online editors on Ubuntu

In this article, we will take a deeper look at one of the most actual…

3 days ago

This website uses cookies. By continuing to browse the website you agree to our privacy policy.

our privacy policy