Which attack involves trying multiple password combinations to gain access to an account?

A brute-force attack is a method used by attackers to gain unauthorized access to an account or system by systematically trying every possible password or password combination until the correct one is found. This technique relies on the computational power of the attacker's machine, utilizing either automated software tools or scripts that can quickly cycle through large sets of credentials.

The effectiveness of a brute-force attack is influenced by various factors, including the complexity and length of the password and any account lockout policies that may be in place (which might limit the number of failed attempts). Because it does not rely on social engineering or exploiting known vulnerabilities but rather on sheer computational strength, it can be a straightforward approach if passwords are weak or if attackers have substantial resources.

In contrast, a Trojan Horse attack involves malware disguised as legitimate software that can create backdoors or gather information without the user's knowledge. A phishing attack is a form of social engineering that attempts to deceive individuals into providing sensitive information through deceptive emails or messages. An external attack is a more general term and can refer to any attack launched from outside an organization, which could include various methods such as exploitation of vulnerabilities or employing malicious software, but it does not specifically denote the password-cracking focus.