A computer-implemented process, computer program product, and system for dynamic change of a password under a brute force attack. A computer processor determines a quantity of consecutive unsuccessful attempts to access the targeted item protected by a password. Responsive to the quantity of consecutive unsuccessful attempts to access the targeted item exceeding a predefined threshold, the computer processor acquires a new password for access to the targeted item, wherein the new password is based on a more complex set of password generation rules than a current password. The computer processor changing the current password of the targeted item to the new password, and in response to changing the current password of the targeted item to the new password, the computer processor sends an encrypted message regarding the new password to a user associated with the targeted item.