A Password list attack is a type of exploit where a list of usernames and passwords obtained from a hacked site other than the target of the attack is tried on another site. If the user has set a very weak password, the password attempt is likely to succeed before the lock is applied. Two-step authentication is a powerful authentication method that is effective not only for password list attacks, but also for attacks against other passwords as phishing is a little more difficult. Monitoring of login process may allow us to minimize the possibility of becoming a target of a brute force attack.”]
Source: https://hackercombat.com/a-primer-to-the-nature-of-brute-force-attacks/