A brute-force attack based on selecting potential passwords from a preprepared list. The attacker creates a “dictionary” of the most likely sequences of characters and uses a malicious program to check them all in turn in the hope of finding a match.
A special type of dictionary attack uses a list of possible password templates and automatically generates a variable component. For example, based on information about the victim’s name, an attacker can test the password denisXXX, substituting XXX for the numbers 001 to 999.