What Is a Dictionary Attack?

You are just one dictionary attack away from all your computer systems or data being hacked. But wait, do you know what a dictionary attack is? If you do not know what a dictionary attack is, how will you be able to avoid it?

If you are caught in this dilemma, do not worry! We have got you covered. Read on to find out what a dictionary attack is, how it is done, and how you can save yourself from it.

Definition Of A Dictionary Attack

A dictionary attack is a way of finding out the password of a network, account, computer, or any other IT resource by trying entries from a prepared list. It is a method through which hackers can find out the password of any of your systems and eventually get at your information.

Different Methods Of Dictionary Attack

There are different methods of a dictionary attack, which a hacker can use to find out your password.

All Dictionary Words

One of the methods is entering all dictionary words as a password. Under this method, a hacker would use all the words in a dictionary, one after another, to find out your password. By the definition of this method, if your password is a common dictionary word like "love" or "home", your password is breakable.

Common Passwords

Hackers can also have a list of the go-to passwords that people are most likely to use. These passwords are then entered by trial and error to find out the actual password. For instance, "nopassword" is a commonly used password, but it is also easily hackable.

Thus, hackers have a library of such pre-selected common passwords. They are confident that many people would be using these as their passwords, making the hacker's job easier.

Mixing Common Words And Phrases

Hackers do not only enter proper dictionary words; they are also smart enough to test out various combinations of words, phrases, and digits. So, in an attempt to break your passwords, hackers can test all combinations of words with different numbers under a dictionary attack.

"abc123", "nopassword1", "nopassword2" are some examples of combinations that you can expect a hacker to try out to break into your system. If the job seems exhausting to do manually, the hacker's computer might do it quickly. It can come up with different passwords and make dictionary attacks even more effortless.

Guessable Information

Similarly, it is also common for hackers to customize such lists to include different combinations with the area's name, regional fruits, weather, or famous heroes of a particular area. Thus, if you want to keep the name of your local hero as your password, remember that your password might be in the list of a dictionary attack.

Core Reason For Dictionary Attacks

Hackers making a dictionary attack succeed on the basis of one assumption, which is also a fact: people resort to ordinary and common passwords, which makes room for dictionary attacks.

In an attempt to create a straightforward or memorable password, the majority end up creating common passwords that are easily guessable. Such passwords are already on the lists of hackers ready to make a dictionary attack to find and hack different systems.

In a nutshell, setting a straightforward, non-complex password is an invitation to the hackers making a dictionary attack because it is highly likely that your password already exists in the hackers' dictionary.

How Can Dictionary Attacks Be Avoided?

Now, the hackers come prepared with a pre-selected list comprising various passwords, and it is possible that your password is on their list. So, is there anything that you can do to protect yourself and your system from a dictionary attack?

If that is your question, then let us answer it for you. The answer is yes. Yes, you can protect yourself from a dictionary attack in the following ways:

Allowing Only 3 Password Attempts In One Go

If possible, you should limit the number of times a person can enter a wrong password in a login attempt. If you limit the chances to three, the hacker cannot enter the wide range of passwords from his dictionary into your system. Thus, your system is safe from the attack.

A 5-10 Minute Gap After Wrong Password Attempts

After three wrong attempts, there should be a gap of at least 5-10 minutes before the next login attempt can be made. This step is also considered important in increasing the immunity of your system and avoiding a dictionary attack.
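The two steps above (three attempts, then a gap) can be enforced together on the server side. The sketch below is an added example, not code from the original article; the class name LoginThrottle, its parameters, and the choice of 10 minutes from the 5-10 minute range are assumptions made for illustration.

```python
import time

MAX_ATTEMPTS = 3            # wrong passwords allowed in one go (from the article)
LOCKOUT_SECONDS = 10 * 60   # upper end of the article's 5-10 minute gap


class LoginThrottle:
    """Per-account failed-login counter with a cool-down (hypothetical helper)."""

    def __init__(self, max_attempts=MAX_ATTEMPTS, lockout=LOCKOUT_SECONDS,
                 clock=time.monotonic):
        self.max_attempts = max_attempts
        self.lockout = lockout
        self.clock = clock            # injectable so tests need not sleep
        self._failures = {}           # account -> consecutive wrong passwords
        self._locked_until = {}       # account -> clock value when the gap ends

    def seconds_locked(self, account):
        """Seconds until the account accepts attempts again (0 if open)."""
        return max(0, self._locked_until.get(account, 0) - self.clock())

    def attempt(self, account, verify):
        """Run one login attempt; returns 'locked', 'ok' or 'denied'.

        verify is a zero-argument callable doing the real password check.
        It is not called while the account is locked, so guesses made
        during the gap are never evaluated, not even the right one.
        """
        if self.seconds_locked(account) > 0:
            return "locked"
        if verify():
            self._failures.pop(account, None)
            self._locked_until.pop(account, None)
            return "ok"
        count = self._failures.get(account, 0) + 1
        if count >= self.max_attempts:
            # Limit reached: start the gap and reset the counter.
            self._locked_until[account] = self.clock() + self.lockout
            count = 0
        self._failures[account] = count
        return "denied"
```

The counter is kept per account, so the limit still applies when the guesses come from many different addresses; the cost is that the legitimate user has to sit out the same gap.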

Increasing The Strength Of Your Password

A strong password is your way to keep out hackers and their attempts to attack your system. A password should be complex enough that even your colleague cannot guess it.

The strength of your password can be increased in several ways. A password can be made strong by using a minimum of 8 characters, adding unique characters to the password, including at least one upper-case and one lower-case letter, and combining numbers and letters, to name a few ways.

Thus, setting a strong password is your one hack to tackle the hackers as it ensures that your password does not exist in the hackers' dictionary.
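A password check at sign-up can apply the strength rules above together with the four list types described under "Different Methods Of Dictionary Attack". The sketch below is an added example, not code from the original article; the function name screen_password and the three tiny word lists are constructed for illustration (a real deployment would load much larger lists). It shows that a password such as "Nopassword1!" passes every composition rule and is still a listed password with a digit appended.

```python
import re

# Constructed sample lists, using the article's own examples where it gives any.
DICTIONARY_WORDS = {"love", "home"}
COMMON_PASSWORDS = {"nopassword", "abc123"}
LOCAL_TERMS = {"springfield"}   # hypothetical area name / local hero list


def screen_password(password, personal_terms=()):
    """Return the reasons to reject password; an empty list means accept."""
    reasons = []
    lowered = password.lower()
    # Drop leading/trailing digits and symbols so that "nopassword1" or
    # "Love2024!" is compared by its base word, as the attacker's list would.
    base = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    guessable = LOCAL_TERMS | {t.lower() for t in personal_terms}

    if lowered in COMMON_PASSWORDS or base in COMMON_PASSWORDS:
        reasons.append("common password")
    if base in DICTIONARY_WORDS:
        reasons.append("dictionary word")
    if any(term and term in lowered for term in guessable):
        reasons.append("guessable information")
    # Composition rules from the paragraph above.
    if len(password) < 8:
        reasons.append("shorter than 8 characters")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        reasons.append("needs upper and lower case")
    if not re.search(r"\d", password):
        reasons.append("needs a digit")
    if not re.search(r"[^A-Za-z0-9]", password):
        reasons.append("needs a special character")
    return reasons
```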


Now that you know what a dictionary attack is, you can ensure that you are not inviting hackers for such an attack yourself. By simply setting an ordinary and simple password, you are putting all your systems and information on the brink of being hacked.

Therefore, think critically while setting a password. Your password should not be in the dictionary or on the pre-selected list of passwords that the hackers are about to use in hacking dozens of systems. The information mentioned above is your companion in deciding what your password should not look like to ensure that the hackers are not using it in their next dictionary attack.