A dictionary attack is a technique used by criminals to break-in to a password protected device by breaching system level security. This attack aims to defeat the authentication process by systematically exhausting all the words in the dictionary to uncover a user’s password or the decryption key to an encrypted file. Dictionary attacks are often successful because organizations and individuals use short, ordinary words from the dictionary or simple variants that make for weak passwords. When attempting an intrusion, cybercriminals attempt all the common word combinations in conjunction with password charts to discover system passwords.
The term “dictionary” refers to a pre-arranged word listing that a hacker attempts to find the right password. Typically, such assaults are executed using software instead of manually keying in each password. Most users are unaware of the need for a sophisticated password, usually employing common words with a few numeric or special characters. This makes it easier for hackers to create a collection of common word -digit-special character combinations to uncover a password. Another form of a dictionary attack is when spammers use the same technique to generate millions of email addresses using letters and known domain name combinations.
A simple but effective countermeasure against dictionary attacks is to create passwords composed of a combination of uppercase, lowercase, digits and symbols instead of using ordinary words from a dictionary. As educating users about potential attacks and strong passwords is important, AttackSolutions offers training material designed to educate customers about setting up easy-to-remember but hard-to-crack passwords. We offer On-site as well as Online training tailored to the client’s requirement. We recommend Multi Factor Authentication (MFA) to protect against dictionary attacks. We have also designed delayed response and account locking on multiple password attempts on servers that we manage.
If you have questions or comments, please use this form to reach us, and you will receive a response within one business day. Your can also call us directly at any of our global offices.