What is a dictionary attack and how does it work?

What is a dictionary attack?

A dictionary attack is simple in theory. It is based on a simple assumption: users don’t want to or cannot memorize long, random sequences of characters, and therefore they pick existing words, typically from an existing language.

You can, therefore, take a dictionary or a word list and hash them. When the hash matches with the password you’re trying to break, you have found the password.

A typical dictionary attack scenario

In a typical dictionary attack scenario, you will have a list of words. Those words can be from the English language (you could literally use the Oxford Dictionary and try every word), or they can be a more nuanced and optimized list of passwords, as we will see in some examples later on. In a dictionary attack, you’ll be hashing every word.

So, this could take longer or shorter, depending on the number of words that you’re using.

Dictionary attacks are best for scenarios when you are dealing with passwords that are most likely single words or based on words.

Customisation

Typically, you will use this type of attack if you know that you’ll be cracking longer words instead of random passwords. You can customize which words to use, add rules to them, and even modify words according to a pattern before hashing them.

For example, you can add numbers or replace characters with numbers and symbols that resemble the original letters — e.g. “p@s$w0rd” instead of “password”.

Yes, they could use password managers. We will see in a later section that these will not solve all your problems. However, users are able to memorize words, words with modifications, and so on.

Word lists

Your customization also depends on your word list. If you have a word list, like rockyou.txt, that stores the most common passwords, this could be useful even for passwords that don’t exactly resemble one word with modifications. But most likely, you will not have random sequences in your word list.

Unless you explicitly create these for the list, you won’t be able to break these kinds of passwords. It is also difficult to deal with multi-word passwords if you do not use the coding rules. And even if you do, it takes more time to break them.

Dictionary attacks compared to brute force attacks

Let’s consider a quick comparison with brute force attacks to give you some context. Brute force attacks are best used for short, random passwords, while dictionary attacks are better tools to crack longer passwords based on real words or whatever words your dictionary has.

Dictionary attacks are a bit harder to set up than brute force attacks, but they are still not too hard.