A brute force attack is any type of attack that involves trying every possible combination of characters or data in order to find the key in order to decrypt an encrypted message.
A brute force attack is usually used as a last-resort tactic in a cryptanalysis scenario, as it very much involves extreme amounts of trial and error and often relies on a lot of luck in order to find the key. A brute force attack is different from a dictionary attack, as it does not rely on a dictionary and simply tries every possible key that could be used.
For example, if the length of the key is known to be 5 alphabetic characters, a brute force would try every possible combinations from a – z.
aaaaaa aaaaaab aaaaaac ... zzzzzx zzzzzy zzzzzz
A brute force guarantees finding the key – it’s trying every possible combination and does not rely on any potentially incomplete dictionaries or lists of possible keys. The downside is that it takes a long time. Even for smaller keyspaces a brute force can take many days at minimum depending on available computational power – and for modern encryption brute force attacks would take at least hundreds of years. Technically possible, but no longer is a brute force attack a practical way of breaking encryption mechanisms.