Published on February 25th, 2015 📆 | 4096 Views ⚑


What is a Dictionary Attack – How a dictionary attacker uses a word list
A dictionary attack occurs when the hackers try to obtain the passwords of a secure web site or area by using every single word in the dictionary (so that they can manually guess the password) in order to access confidential information. In terms of crypt analysis and computer safety, a dictionary attack is a method for overcoming a code or confirmation mechanism by trying to resolving its decryption solution or password. Hackers who conduct this attack try hundreds or sometimes millions of likely possibilities, such as words from a dictionary.

[adsense size='1']

A dictionary attack makes use of a targeted method of sequentially trying all the words in a comprehensive list known as a Dictionary (from a set list of values).Compared to a brutal force attack, where a huge part of the key space is investigated methodically, a dictionary attack tries only those possibilities that will most likely be successful. These are normally derived from a list of words for example a dictionary (hence known as dictionary attack). Typically, dictionary attacks do well because many people have an inclination to pick passwords which are short (7 characters or less), such as single words found in dictionaries or even simpler, easily guessed variations of words, such as attaching a digit. However, these are easy to conquer. Adding one random character in the middle of the phrase can make dictionary attacks indefensible. Unlike Brute force attacks, Dictionary attacks are not definite to accomplish something.

The difference between a brute force attack and a dictionary attack is rather subtle.  A Brute Force Attack tries to find out the password by using every possible combination, whereas a Dictionary Attack uses precompiled list of words – only those options are tried which are likely to work.

Dictionary attacks are usually conducted on home based computer users in order to hack wifi passwords or to unzip winrar with secure passwords. The success of these attacks is largely because people keep very poor passwords that are comprised of ordinary words or names.

[adsense size='1']

When computer users make use of complex passwords in order to protect connections, the chances of dictionary attack becoming triumphant are minimal. Dictionary attacks can make use of a system called String Manipulation in order to yield more input. Examples of string manipulation include adding capitalized letters into words, trying words backwards and using ordinary number substitutions -such as substituting the letter ‘a’ with the number ‘4’.

The effectiveness of a Dictionary attack can also depend on the types of words being tried and the sequence in which they are tried. For example, using lists of names can sometimes give way to quick results – this is because most of the people use their own names as their passwords!

On cannot predicate the time of these attacks nor can in any way be informed before hand of such attacks so anticipating a brute force or a dictionary attached may be next to impossible.

However, by choosing an effective password, the chances of such attacks can be eliminated.

Tagged with:

Comments are closed.