A brute force attack is a common way to discover user passwords or keys. The goal is very simple: try all possibilities until a successful authentication is accepted by the server. Simple and easy, with the power of recent CPU’s, easy to launch! The number of probes is directly related to your password: a stronger password will resist longer than a simple one. By strong we mean a long string composed of lower/uppercase letters ([a-z][A-Z]), numbers ([0-9]) and special characters ([1@#&=/?,;$]{_°]).
To educate your end-users and demonstrate how their password is important, a nice tool is available online: Brute Force Calculator. Just give your password details (how much letters, numbers, …) and the tool will report an estimation of the time required by a typical PC to find your password!