English 
Русский 
简体中文 
Português do Brasil 
Français 
Español 
Türkçe 
Polski 
Tiếng Việt 
한국어 
Nederlands 
Italiano 
日本語 
Eesti 
Čeština 
മലയാളം 
Bahasa Melayu 
हिन्दी 
اردو 
Bahasa Indonesia 
Safe WebA dictionary attack is a form of cyberattack used to access confidential data, often used by malicious actors to gain access to user accounts or to access networks. The dictionary attack works by trying to guess passwords and authentication credentials with a set of commonly used words or phrases called a dictionary, which can also contain words from a certain language.
The idea behind the dictionary attack is to emulate the process of a human testing a range of known passwords, making it an example of a brute force attack. The attacker will usually use a pre-defined dictionary of words that they will try in combination with other words or numbers to guess the correct authentication credentials. Often the words in the dictionary are pre-sorted by popularity, allowing the attack to go even faster.
In some cases, dictionary attacks are automated with scripts or programs that can quickly run through the whole dictionary, making the attack very efficient. Some of these programs can even imitate human typing to bypass two factor authentication protocols.
While a dictionary attack is quite successful and can be very successful in some cases, there are steps websites and users can take to strengthen their online security. The most important one is to choose strong passwords that are not words that are commonly used as a password; this can be accomplished easily with a password manager. Additionally, combining a dictionary attack with other methods, such as a dictionary attack with captchas or picking certain passwords from the dictionary, can make it even tougher for an attacker to get into the system.
