Dictionary Attack

A dictionary attack is similar to a brute force attack except it uses more likely possibilities to guess a password or the contents of a hidden message. Dictionary attacks are commonly performed against passwords where words and variants from the dictionary are chosen as a possible password. Brute force attacks will try all possibilities and are also used to try to crack encryption keys.

Dictionary attacks and brute force attacks can be mitigated by limiting the number of failed login attempts in a set period of time. However, an encrypted or hashed password may be intercepted by an attacker. The attacker can then use an unlimited set of guesses from the dictionary to find the password. This is one reason choosing strong passwords that do not use dictionary words is very important.