A dictionary attack is a type of identity breach where the hackers steal the password of the victim to gain access to personal or corporate information.
What Is A Dictionary Attack?
- It is one of the cyber attacks where cyber criminals take advantage of the user’s habit of using common dictionary words as a password. Most internet users have a tendency to use simple or easy to remember words and phrases as their passwords.
- In simpler words, it is an attempt to gain unauthorized access to a computer system or user account by using a large set of words to generate a potential password.
- The traditional approach used by the hackers involved multiple attempts by making use of common words found in the dictionary. However, the attack has now evolved and the attackers make use of databases that include common dictionary words and passwords leaked in previous attacks to crack the password.
- Some software are also available that help in cracking a password by using the password databases and producing common variations. In contrast to a brutal force attack, a dictionary attack tries only the password possibilities that are considered to be most likely to succeed.
Pre-Computed Dictionary Attack:
It involves pre-computing a list of hashes of common dictionary words these hashes are stored in a database. Once completed, the pre-computed database can then be used anytime to instantly lookup for the password hashes to crack the corresponding password. Although a lot of time is consumed in preparation, the actual attack can be executed faster than a simple dictionary attack.
Common Cracking Software Used In Dictionary Attack:
- Burp Suite
- Cain and Abel
- John the Ripper
- Metasploit Project
How To Prevent A Dictionary Attack?
In order to prevent a dictionary attack, following steps can be helpful:
- Change the security settings to lock the account after reaching a maximum number of authentication attempts.
- Use multi-factor authentication to log in.
- Use special characters and extra syllables in the password.
- Use longer passwords.
- Avoid reusing old passwords.
For more information on what is a dictionary attack and how to prevent it, contact Centex Technologies at (254) 213 – 4740.