Brute forcing is a heuristic technique that means, essentially, you're going to try to analyze every possible scenario by taking advantage of how much faster a computer is than a human brain. For example, you're not trying to deductively figure out the password or the next best move in a Chess game; you just test every possible situation and use the right one (or the best one according to some metric, depending on what the brute force algorithm is meant to accomplish).
Your code simply goes through all the possible values that could be held for a password and checks to see whether it has found it or not. If it doesn't, it moves on to the next possible combination until it does.
It's also a demonstration of a worst-case scenario, since the password, being defined as ZZZZZ, will be the last thing the algorithm attempts as a solution (assuming the maximum password length is defined as five characters.)
Also, as far as you being worried that people think you're using this algorithm for malicious purposes, I wouldn't be too concerned. Hardly any computer systems would actually be vulnerable to this kind of attack, and you would be locked out long before you ever actually happened upon a password.
