A Dictionary Attack is an attack vector used by an attacker to break into a password-protected system by trying every word in a dictionary as the password for that system. This attack vector is a form of Brute Force Attack.
The dictionary can contain words from an English dictionary as well as leaked lists of commonly used passwords. When combined with common replacements of characters with numbers, it can sometimes be very effective and fast.
How is it done?
Basically, it consists of trying every single word in a list that has been prepared in advance. It is done using automated tools that try all the words in the dictionary.
Some Password Cracking Software:
- John the Ripper
Difference between Brute Force and Dictionary Attack:
The difference from a brute force attack is that, in brute force, a large number of possible key permutations are checked, whereas in a dictionary attack only the words with the highest likelihood of success are checked, which makes it less time-consuming than brute force.
How to be on the safer side?
You can protect yourself from such attacks in the following ways:
- Choose a mix of upper and lower case letters, numbers and specials (i.e. special characters).
- The password must be a long string. The longer it is, the more time-consuming it is to crack (sometimes the time to crack is in years).
- Password reset should be done after a certain period of time.
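The protections above can be enforced when a password is chosen. The following added example (not part of the original article) rejects a candidate password if it reduces to a dictionary word once the common character-for-number replacements mentioned earlier are undone; the word list, substitution table, minimum length and function names are constructed for illustration.

```python
import re

# Constructed sample list; a real deployment would load a large set of
# dictionary words and leaked passwords from a file.
WORDLIST = {"password", "letmein", "dragon", "sunshine", "welcome", "monkey"}

# Common replacements of letters with numbers/symbols, mapped back to letters.
SUBSTITUTIONS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                               "5": "s", "7": "t", "@": "a", "$": "s"})

LEADING = re.compile(r"^[^a-z]+")   # digits/symbols put in front of a word
TRAILING = re.compile(r"[^a-z]+$")  # digits/symbols appended, e.g. "2024!"

def candidate_roots(password):
    """Return the base words this password reduces to."""
    lowered = password.lower()
    no_tail = TRAILING.sub("", lowered)
    forms = {lowered, no_tail,
             LEADING.sub("", lowered), LEADING.sub("", no_tail)}
    # Undo the substitutions on every variant as well.
    forms |= {form.translate(SUBSTITUTIONS) for form in forms}
    forms.discard("")
    return forms

def is_dictionary_guessable(password, wordlist=WORDLIST):
    """True if any reduced form of the password is in the word list."""
    return any(root in wordlist for root in candidate_roots(password))

def check_password(password, min_length=12):
    """Return a list of policy problems; an empty list means accepted.

    min_length=12 is an assumed policy value, not taken from the article.
    """
    problems = []
    if len(password) < min_length:
        problems.append("too short")
    if is_dictionary_guessable(password):
        problems.append("matches a dictionary word")
    return problems

if __name__ == "__main__":
    for pw in ("P@ssw0rd", "dragon2024!", "correct-horse-battery-staple"):
        print(pw, "->", check_password(pw) or "accepted")
```
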