dictionary attack


Also found in: Dictionary, Thesaurus, Medical, Legal, Wikipedia.
Related to dictionary attack: Brute force attack

dictionary attack

A type of brute force method for uncovering passwords and decryption keys. It sorts common words by frequency of use and starts with the most likely possibilities; for example, names of people, sports teams, pets and cars. For greater security, users should not use passwords that could be found in an ordinary dictionary. While a dictionary attack can be done manually by an individual, it is easily done via software and a database with millions of words. See brute force attack and Captcha.
References in periodicals archive ?
This off-line dictionary attack may lead to devastating losses of passwords, because it can be mounted against any registered client and does not even require the participation of the victim, and the steps for verifying password guesses can be performed in an offline manner by an automated program.
On Countering Online Dictionary Attacks with Login Histories and Humans-in-the -loop.
Gates said in his email yesterday that the company is developing ways to prevent dictionary attacks, ways for email administrators to block email from open proxies, and ways for admins to check outbound email for inadvertent spam.
One note: In August, Joshua Wright, a systems engineer at Johnson & Wales University (RI) demonstrated that the LEAP system was vulnerable to dictionary attacks.
Dictionary attacks use randomly generated letter and word strings in message addresses sent out by the millions in an effort to stumble on valid addresses.
At this stage the receiving email server can help prevent dictionary attacks, where spammers attempt to validate random email addresses through the use of the verify command (VRFY) or by faking an email to series of email addresses.
WebQuota allows the client to limit concurrent logins (identifying users who have given away their username and passwords), and throttle bandwidth as well as protect against dictionary attacks.
Since IPSec is based on strong security through proven algorithms, using it over wireless LANs can address security concerns for wireless users such as eavesdropping, dictionary attacks, decryption of traffic, and unauthorized use.
For example, hackers or digital key-recovery services can use so-called dictionary attacks to uncover secret passwords and PINs in a matter of minutes.
Besides relieving the user from memorization efforts, the Pico solution scales to thousands of credentials, provides continuous authentication and is resistant to brute force guessing, dictionary attacks, phishing and keylogging.
Relying on dictionary attacks and the human factor greatly increases the chance of timely recovery - or, rather, revealing security weaknesses in existing wireless network infrastructure.
One pitfall of WPA-PSK is that the preshared key is subject to dictionary attacks (guessing of commonly used passwords).