Protection against brute force attacks

In cryptography, a brute force attack or exhaustive key search is a strategy that can in theory be used against any encrypted data by an attacker who is unable to take advantage of any weakness in the encryption system that would otherwise make the task easier. It involves systematically checking all possible keys until the correct key is found. Against a web application the same idea takes a simpler form: the attacker automatically tries many combinations of usernames and passwords until one of them logs in. The usual goal is to gain access to the platform and then use it to generate spam or to harvest user information.

Moodle has no active protection against such attacks other than a strong password policy. However, administrators or teachers can be notified of all failed login attempts. To configure these notifications, visit the Administration | Security | Notifications page and configure it like this:

  • Set Display login failures to Administrators
  • Set Email login failures to All administrators
  • Set Threshold for email notifications to 10

For this to work you must have properly configured mail support within Moodle and have the cron job running. Each time cron executes, an administrator receives an e-mail whenever more than 10 failed login attempts have accumulated for the same username or from the same IP address. That is a good source of information and a valid hint for the administrator to react, either by blocking the offending IP address or by suspending the targeted user account.
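Moodle performs the per-username and per-IP counting itself once the settings above are in place. The following script is an added example, not Moodle's own code, that runs the equivalent detection logic over constructed log lines so the two alert cases are visible: one IP address spraying many accounts (which points at blocking the IP), and many IP addresses targeting one account (which points at suspending or watching the account). The log line format, the field names, the 30-minute window and the helper names are all assumptions made for this example and do not match Moodle's real log table.

```python
"""Count failed logins per username and per source IP and flag those that
exceed a threshold, mirroring the 'Threshold for email notifications'
setting. Added example, not Moodle code. The log format below is
constructed for this example and is not Moodle's real log layout."""
from collections import defaultdict
from datetime import datetime, timedelta

THRESHOLD = 10                 # same value as the Moodle setting above
WINDOW = timedelta(minutes=30)  # assumption: only recent failures count


def _constructed_log():
    """Build sample log lines: '<ISO timestamp> <ip> <username> <outcome>'."""
    base = datetime(2024, 5, 1, 10, 0, 0)
    lines = []
    # Scenario A: one IP tries 12 times across 6 usernames (2 failures each).
    for i in range(12):
        ts = (base + timedelta(seconds=i)).isoformat()
        lines.append(f"{ts} 203.0.113.7 user{i % 6} FAILED")
    # Scenario B: 11 different IPs each fail once against 'admin'.
    for i in range(11):
        ts = (base + timedelta(minutes=1, seconds=i)).isoformat()
        lines.append(f"{ts} 198.51.100.{i + 1} admin FAILED")
    # Ordinary traffic: a successful login and an old failure outside WINDOW.
    lines.append(f"{(base + timedelta(minutes=2)).isoformat()} 192.0.2.9 teacher OK")
    lines.append(f"{(base - timedelta(hours=2)).isoformat()} 192.0.2.9 teacher FAILED")
    return "\n".join(lines)


SAMPLE_LOG = _constructed_log()


def parse_line(line):
    """Split one constructed log line into (timestamp, ip, username, outcome)."""
    ts, ip, user, outcome = line.split()
    return datetime.fromisoformat(ts), ip, user, outcome


def failed_login_counts(log_text, window=WINDOW):
    """Return (per_user, per_ip) counts of FAILED events that fall inside
    `window` measured back from the newest failure in the log."""
    events = [parse_line(l) for l in log_text.splitlines() if l.strip()]
    failures = [e for e in events if e[3] == "FAILED"]
    if not failures:
        return {}, {}
    cutoff = max(e[0] for e in failures) - window
    per_user, per_ip = defaultdict(int), defaultdict(int)
    for ts, ip, user, _ in failures:
        if ts >= cutoff:
            per_user[user] += 1
            per_ip[ip] += 1
    return dict(per_user), dict(per_ip)


def alerts(log_text, threshold=THRESHOLD, window=WINDOW):
    """Return (kind, subject, count) tuples for every username or IP whose
    failed-login count is greater than `threshold`, users first."""
    per_user, per_ip = failed_login_counts(log_text, window)
    out = [("user", u, n) for u, n in sorted(per_user.items()) if n > threshold]
    out += [("ip", ip, n) for ip, n in sorted(per_ip.items()) if n > threshold]
    return out


if __name__ == "__main__":
    for kind, subject, count in alerts(SAMPLE_LOG):
        action = "block IP address" if kind == "ip" else "suspend/watch account"
        print(f"{kind} {subject}: {count} failed logins -> {action}")
```

Run as a script it prints two alerts: the `admin` account with 11 failures spread over 11 addresses, and `203.0.113.7` with 12 failures spread over 6 accounts. Counting both axes matters because a spray from one address never pushes any single account over the threshold, and a distributed attack on one account never pushes any single address over it.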
