Crashing is a hacker's way of collecting information about users and passwords that have been leaked on the Internet, generating a corresponding dictionary table, and trying to log in to other websites in bulk to get a series of users who can log in. Many users use the same account and password on different sites, so hackers can try to log in to site B by obtaining the user's account on site A, which can be interpreted as a crash attack.

The crash can be protected by big data security technologies, such as: using data asset combing to discover sensitive data, using database encryption to protect core data, and using database security operation and maintenance to prevent operation and maintenance personnel from crashing attacks.

Crash method:

1, with n password dictionary crash m account, the appearance of this is that an account in a certain short period of time, there may be multiple password attempts. So, you can add restrictions at the account level, e.g., an account with more than 5 wrong passwords in a day will be banned from logging in for 1 day.

2, with a few passwords to hit n accounts, the appearance of this is that the frequency of passwords will be very high, so you can count the number of times each password is wrong for a period of time, more than a certain threshold, this password is prohibited from logging in for a period of time.

3, with n groups of one-to-one account passwords to crash again, this case of crash purely from the account, password dimension, there will be no obvious anomalies.