Dictionary Attack
Dictionary attacks use precompiled wordlists of common passwords and their variations to crack credentials faster than brute force by prioritizing statistically likely passwords.
A dictionary attack is a password cracking technique that uses a precompiled list of likely passwords, known as a wordlist, rather than trying every possible combination. These wordlists contain common passwords, leaked credentials, dictionary words, and variations with common substitutions. Dictionary attacks are significantly faster than pure brute force because they prioritize the most statistically likely passwords.
The attacker compiles or obtains a wordlist containing millions of candidate passwords sourced from previous data breaches, common password patterns, and linguistic dictionaries. Advanced wordlists include rule-based mutations that apply transformations like appending numbers, capitalizing letters, and substituting characters. Tools such as Hashcat and John the Ripper apply these wordlists and rules against captured password hashes at high speed. The attack progresses through the wordlist entries, applying each candidate against the target hash and checking for a match. Hybrid attacks combine dictionary words with brute force appendages, testing entries like "password123" or "Summer2026!" that reflect how users typically construct passwords.
Dictionary attacks are highly effective because research consistently shows that a large percentage of users choose passwords based on dictionary words, names, dates, and predictable patterns. Even with complexity requirements, users tend to follow formulaic patterns that wordlists and rules can predict. Organizations should implement banned password lists that block known compromised credentials, enforce passphrase-based policies, use password strength meters during creation, and adopt multi-factor authentication to reduce reliance on password strength alone.
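As an added illustration of the banned-password-list control described above (example code, not part of the original article), the checker below reverses the rule mutations a wordlist attack applies, stripping appended digits and symbols and undoing character substitutions, and then compares the remaining core word against a small constructed banned list; the list, the substitution table and the minimum length are assumptions for the example.

```python
import re

# Constructed sample banned list; a real deployment would load a large
# breach-derived list instead of this handful of entries.
BANNED_WORDS = {"password", "welcome", "summer", "qwerty", "letmein", "monkey"}

# Character substitutions that wordlist rules commonly apply; we reverse them
# so that "P@ssw0rd" and "password" are treated as the same choice.
LEET_TABLE = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                            "5": "s", "7": "t", "@": "a", "$": "s"})


def normalize(password: str) -> str:
    """Undo the mutations a rule-based dictionary attack would generate.

    Lower-cases the string, strips leading digits and trailing digit/symbol
    runs (the "123" / "2026!" appendages), then reverses leet substitutions.
    What remains is the core word the user actually chose.
    """
    core = password.lower()
    core = re.sub(r"^\d+", "", core)       # leading digits, e.g. "123welcome"
    core = re.sub(r"[^a-z]+$", "", core)   # trailing digits/symbols, e.g. "2026!"
    return core.translate(LEET_TABLE)


def check_password(password: str, banned=BANNED_WORDS, min_len: int = 12):
    """Return None if the password is acceptable, otherwise a rejection reason."""
    if len(password) < min_len:
        return f"shorter than {min_len} characters"
    core = normalize(password)
    if len(core) < 4:
        # e.g. "Ab1234567890!": almost nothing survives once appendages are removed
        return "almost no content is left once common appendages are removed"
    for word in banned:
        if word in core:
            return f"contains banned word '{word}' after normalization"
    return None


if __name__ == "__main__":
    for candidate in ["P@ssw0rd2026!", "Summer2026!!", "Ab1234567890!",
                      "correct horse battery staple"]:
        print(f"{candidate!r}: {check_password(candidate) or 'accepted'}")
```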
Written by CDA Editorial