As others have mentioned both Grover's and Shor's algorithms which do better than regular brute force when applied to the correct type of cryptography. For symmetric key crypto it makes the problem substantially easier as in it effectively halves the key length. Even effectively halving the key length would require brute forcing the rest of the work, assuming the algorithm isn't broken in other ways. For asymmetric key crypto like RSA it is broken as prime factorization is trivial using quantum computers. The issue around elliptical curve public key crypto is that most believe it is compromised by the NSA with their choice of values so quantum computers aren't really needed there. For public key crypto there is still Lattice-based public key crypto which appears to be immune to quantum attack.