dictionary attack


Also found in: Dictionary, Thesaurus, Medical, Legal, Wikipedia.
Related to dictionary attack: Brute force attack

dictionary attack

A type of brute force method for uncovering passwords and decryption keys. It sorts common words by frequency of use and starts with the most likely possibilities; for example, names of people, sports teams, pets and cars. For greater security, users should not use passwords that could be found in an ordinary dictionary. While a dictionary attack can be done manually by an individual, it is easily done via software and a database with millions of words. See brute force attack and Captcha.
References in periodicals archive ?
The security requirements of this study are confidentiality, integrity, anonymity, efficiency, poison attack resistance and dictionary attack resistance.
But like all the other security techniques, this technique also has security threats like shoulder surfing, dictionary attack, social engineering etc.
In the dictionary attack procedure, the password cracker first reads the salt from locksettings.db file only if the PIN is used by the victim (in line (7)).
Similar to Tip 1, this prevents a dictionary attack and is difficult to physically pass around compared to a phrase (i.e.
Only if the dictionary attack fails will the attacker reluctantly move to what is called a "brute-force attack," guessing arbitrary sequences of numbers, letters and characters over and over until one matches.
These programs unleash the combined power of classic brute force attack, dictionary attack and precomputed hashes attack using rainbow tables to recover a user password for the corresponding databases.
A dictionary attack tries a range of words included in a previously compiled list, and tries it against the captured file till there is a match.
We now show that S-EA-3PAKE cannot protect clients' passwords against an offline dictionary attack. Assume a malicious client C who wants to find out the passwords of A and B.
A thief can't readily decipher these hashes, but can mount what's called an automated offline dictionary attack. Computers today can evaluate as many as 250 million possible hash values every second, Blocki noted.
However if the attacker steals the PVD, v, then she/he can mount an off-line dictionary attack. SRP 6 is subject to server compromise based dictionary attack.
We found that S-3PAKE is not secure against an off-line dictionary attack. The present work reports this new (and more serious) security problem with S-3PAKE and, in addition, shows how to fix it.