Embodiments of the present invention may detect an access attack by analyzing the passwords from successive access requests in an access session or by analyzing successive access attempts to determine patterns in the access information. For example, the analysis may consist of examining the access information to determine cycling in passwords of the access information. Cycling passwords may consist of password that are varied in a predictable or repetitive manner such as “aaaa”, “aaab”, “aaac”, “aaad”, etc. In addition, the usernames and passwords from successive access requests in an access session are analyzed to determine patterns in both the usernames and passwords. The analysis may consist of examining the access information to determine the use of identical passwords for various usernames. The analysis may also detect the cycling of passwords across multiple usernames.