brute force attack
Coverage of brute force attack in the Nexus archive.
- Dashlane explains how attackers managed to download encrypted password vaults
Dashlane reported that attackers used a brute force attack on its device enrollment API to download encrypted password vaults from fewer than 20 users before automated security systems locked out the accounts. The attack involved generating valid tokens to register new devices on targeted accounts.
- Dashlane issues opaque advisory warning 20 encrypted vaults were stolen
Dashlane issued a security advisory warning that attackers stole 20 encrypted user vaults by launching a brute force attack against two-factor authentication (2FA) protections to register new devices on existing accounts. The advisory states the attack began on May 31, 2026, and a user provided a screenshot of a 2FA request notification received on Sunday.
- Dashlane says hackers stole password vaults via a 'brute force attack'
Hackers used a brute force attack to steal approximately 20 password vaults from Dashlane. The incident highlights a security breach involving unauthorized access to stored password data.
- Passphrases and probabilities
The article discusses the theoretical possibility of a randomly generated BIP39 seed phrase being guessed or brute-forced, and questions whether using a passphrase with a 12/24-word seed could result in the same private key without the passphrase. It highlights concerns about cryptographic security and entropy.