Dictionary attack

This is a method for guessing a password (or the key used to encrypt a message) that involves systematically trying each word in a dictionary until the correct word is found. This only works if someone has used an everyday word as a password – rather than using a combination of letters, numbers and non-alpha-numeric characters. If someone has used a complex password, it is necessary to employ a brute-force attack. One way to reduce the susceptibility to a dictionary attack is to limit the number of permitted attempts to enter a password – for example, by allowing only three failed attempts and then permitting further attempts only after 15 minutes.