04. Practice - Brute Force

Try it!

Use the workspace to answer the following questions.

Brute Forcing a Password

What was the password that granted access to the provided server?

SOLUTION: magic

Mitigation Against Brute Force

What are some techniques to reduce the risk of brute force attacks?

SOLUTION:
  • Require sufficiently long passwords
  • Prevent commonly used passwords from being used
  • Log invalid login request attempts
  • Rate limit the number of incorrect attempts

Bonus!

If you're feeling up to it, try modifying the Flask server code in app.py to prevent multiple failed login attempts.
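One way to combine the "log invalid attempts" and "rate limit incorrect attempts" mitigations for the bonus, as an added example that is not the course's app.py. `LoginThrottle`, `attempt_login` and the `check_password` callback are hypothetical names, and the thresholds are assumed values; a Flask login view would call `attempt_login` and return its status code.

```python
import logging
import time
from collections import defaultdict, deque

log = logging.getLogger("auth")

class LoginThrottle:
    """Sliding-window counter of failed logins, kept per username and per client address."""

    def __init__(self, max_failures=5, window=300, clock=time.monotonic):
        self.max_failures = max_failures  # assumed threshold, tune per deployment
        self.window = window              # seconds a failure stays counted
        self.clock = clock                # injectable so tests can control time
        self._failures = defaultdict(deque)

    def _recent(self, key):
        # Drop timestamps that have aged out of the window, return the rest.
        q = self._failures[key]
        cutoff = self.clock() - self.window
        while q and q[0] <= cutoff:
            q.popleft()
        return q

    def is_locked(self, username, addr):
        keys = (("user", username), ("addr", addr))
        return any(len(self._recent(k)) >= self.max_failures for k in keys)

    def record_failure(self, username, addr):
        now = self.clock()
        for key in (("user", username), ("addr", addr)):
            self._recent(key).append(now)
        # %r escapes control characters so a crafted username cannot forge log lines.
        log.warning("failed login user=%r addr=%s", username, addr)

    def record_success(self, username):
        # Clear only the per-user count; the per-address count must expire on
        # its own so one valid login cannot reset a guessing run against others.
        self._failures.pop(("user", username), None)


def attempt_login(throttle, username, addr, password, check_password):
    """Return an HTTP-style status: 429 throttled, 401 rejected, 200 accepted."""
    if throttle.is_locked(username, addr):
        log.warning("throttled login user=%r addr=%s", username, addr)
        return 429
    if not check_password(username, password):
        throttle.record_failure(username, addr)
        return 401
    throttle.record_success(username)
    return 200
```

Counting per username also lets anyone lock a known account out for the length of the window, so the threshold and window are a trade-off between guessing resistance and availability. The state here lives in one process's memory; a server running several workers would need a shared store.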