A common threat web developers face is a password-guessing attack known as a brute force attack.
A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works.
If your web site requires user authentication, you are a good target for a brute-force attack.
<a href=”https://www.owasp.org/index.php/Blocking_Brute_Force_Attacks” target=”blank”>https://www.owasp.org/index.php/Blocking_Brute_Force_Attacks</a>