What password-attack method systematically tries every possible password?

Brute force is the method that systematically tries every possible password, one by one, until the correct one is found. It doesn’t rely on known words or leaked lists; it exhaustively searches all combinations within the defined length and character set. Because it will eventually hit the right password given enough time and power, it’s often impractical in real systems due to the time and resources required, which is why protections like rate limiting, account lockouts, and multi-factor authentication are effective. The other options aren’t password-guessing techniques: a dictionary attack uses a predefined list of likely passwords; phishing and spoofing are social-engineering and impersonation methods, not attempts to brute-force credentials.