A Bruteforce attack is when the attacker will try a set of combinations to try to get into an account. Let’s say that the key is a shape, then the attacker will try all existing geometrical shapes until it opens.
Similarly, an attacker will use dictionaries, numbers, a combination of letters and words or even known passwords as it’s own database to crack the code.
Such attacks happen due to a persistent group of people that just do not use strong passwords.
The stronger the attacker has the computer power, the more combinations it can execute on a given time.
Some companies to avoid such attack will make the login rest for a couple of seconds, or even minutes in case a wrong password is inputted.