|
What is Dictionary Attack?
Dictionary Attack uses a dictionary. Password Crackers will try every
word from the dictionary as a password. A good dictionary (also known
as a word list) is more than just a dictionary, e.g. you will not find
the word "qwerty" in the ordinary dictionary but it will surely be included
into a good word list. Indeed, this combination of characters is commonly
used as a password.
Dictionary Attack is usually quite fast. Noticeable delays are possible
only if the dictionary is very large. However, the password can be recovered
only in case it is present in the dictionary. The probability that this
assumption is true is not, in fact, high. Nevertheless, since Dictionary
Attack doesn’t take much time, it is recommended to try it before proceeding
to the slow Brute Force Attack.
There is a variant of this method called Hybrid Dictionary Attack that
significantly increases the probability of success. In this case, the
password cracker checks all words in the dictionary along with its variations.
These can be, for example, the same words with different digits appended
to them. Hybrid Dictionary Attack is noticeably slower than Dictionary
Attack (for example, if the variations include words with two digits appended
to them, then the process is 100 times slower. In case of 4 digits appended,
it is 10 000 times slower).
| Time Required: |
Several minutes. If the dictionary is very large or in case
of Hybrid Dictionary Attack the amount of time required can
be much larger but it is still acceptable. |
| What is Recovered: |
Original password |
| Guaranteed result? |
No |
| Requisites/Limitations |
None |
| Passwords that can be recovered |
Any password |
| Pros |
Versatility, little amount of time required |
| Cons |
A small chance of success |
| International/Localization issues |
If the password is not an English word, then it is required
to use the dictionary of the appropriate language. We recommend
international users to use both English and national dictionary. |
|
|
