How to protect your password from brute force attacks

Hello everyone!

Data is becoming the world’s most valuable resource and the methods hackers use to steal it are more diverse and numerous than ever before: they move beyond basic brute force attacks using smarter algorithms and more powerful machines. And yet as the hacks reveal, several users still choose the ‘123456’ combination as the password.

In this tutorial we will describe how to obligate users of your ONLYOFFICE cloud to set stronger passwords, less susceptible to being cracked via brute force attacks.


Before we go ahead

Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.

Password strength is a measure of the effectiveness of a password against guessing or brute-force attacks. In its usual form, it estimates how many trials an attacker who does not have direct access to the password would need, on average, to guess it correctly.

Configuring the password strength settings
  1. Access the admin Settings clicking the icon at the top or using the drop-down list in the top left corner and selecting the corresponding option. Then follow Security >> Portal Access >> Password Strength Settings.
  2. Use the Minimum password length bar to determine how long the password should be. By default, it is set to 6 characters.
  3. Determine the character set to use in the password checking the appropriate boxes: capital letters, digits, special characters.


 
Click the Save button at the bottom to make the parameters take effect.

Useful Tips

Tip #1. The more characters, the stronger the password. According to the research 9-character passwords take five days to break, 10-character words take four months, 11-character passwords take 10 years. Add one more letter to increase the time up to 200 years.

Tip #2. Passwords are typically case-sensitive, so a strong password must contain letters in both uppercase and lowercase.

Tip #3. Do not add any personal information, no dictionary words.

Tip #4. Use a mix of characters to make your passwords more cryptic.

Tip #5. Do not practice common habits: 3 instead of e, 4 or @ instead of a, etc. Smarter brute force algorithms consider it.

Tip #6. Enable two-factor authentication. It will add an extra security level if you get hacked. Read here for details.

For more password security tips and tricks, read this article. To learn more about ONLYOFFICE security settings, please visit our Help Center.

Tati

Recent Posts

  • What's new

ONLYOFFICE Desktop Editors are now available as Flatpak

Great news everyone! The long-awaited Flatpak for our desktop editors is now available on Flathub. We are coming to more…

1 day ago
  • Integration

How to edit ownCloud documents with ONLYOFFICE on your iOS device

Hello everyone! We have recently announced that ONLYOFFICE Documents for iOS 5.0 allows connecting cloud storage services via WebDAV, and…

3 days ago
  • Events
  • Open source
  • Open source

Meet ONLYOFFICE at POSS, JRES, and re:Invent in 2019

Hello everyone! December seems to be quite a busy time for ONLYOFFICE. We will travel to the US and France…

1 week ago

New ways to ONLYOFFICE: AWS instances

Being on a mission to bring innovative office apps to everyone, we added ONLYOFFICE Enterprise Edition to AWS Marketplace. This…

1 week ago

ONLYOFFICE is looking for a mascot

Hello everyone! Our project is on the hunt for its spiritual creature. For this reason, we are opening a contest…

2 weeks ago
  • Documents

ONLYOFFICE Document Server is now available as a snap

Great news everyone! From now on you can easily install ONLYOFFICE Document Server as a snap package. Read this post to learn…

2 weeks ago

This website uses cookies. By continuing to browse the website you agree to our privacy policy.

our privacy policy