Brute force attacks are very invasive and employ a trial and error approach. WordPress websites are typically victims of login brute force attacks. In fact you can find many guides on how to protect your WordPress from brute force attacks. During a WordPress brute force attack, attackers use automated tools to send 100s and 1000s of login requests using a list of random usernames and passwords. The aim is to guess a username and password combination and gain access to the admin pages of the target WordPress website. Brute force attacks against a login page are also commonly known as dictionary attacks.