Dictionary attacks on passwords

Many cryptographic applications are password-based, e.g. login (authentication with passwords). A dictionary attack is a simple method of attacking such applications. It relies on the fact that, as a rule, the choice of passwords is not evenly distributed: users typically choose a familiar term as the password because such passwords are easy to remember. However, a modern computer can try out over a million terms from a dictionary in a single second. A password that is chosen from the dictionary is therefore a major security weakness. More sophisticated dictionary attack programs combine terms from the dictionary with one or two other ASCII characters, enabling them to crack better-chosen passwords such as:

not2bad
4you
KAT.ZE

Recommendation:

A good password has a length of at least eight characters, is alphanumeric and contains a mixture of upper and lower case letters.

Examples:

Almost good:

wInTer89
biLly2yoU

Better:

1FiaaoccbfothpEodkoa1
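
The following password-policy check is an added example, not part of the original help page. It rejects a candidate password if ignoring case and deleting at most two characters leaves only dictionary terms, which is the kind of password the combined dictionary attack described above covers. It goes slightly beyond the text by also treating several dictionary terms written one after another as a match (needed for not2bad). The function names and the small SAMPLE_WORDS list are assumptions made for illustration.

```python
from itertools import combinations

# Constructed sample wordlist (assumption); a real check would load a full dictionary.
SAMPLE_WORDS = {"not", "bad", "you", "katze", "winter", "billy"}


def _splits_into_words(text, words):
    """True if text is one dictionary term or several terms written back to back."""
    reachable = [True] + [False] * len(text)  # reachable[i]: text[:i] is covered
    for end in range(1, len(text) + 1):
        reachable[end] = any(
            reachable[start] and text[start:end] in words
            for start in range(end)
        )
    return reachable[len(text)]


def is_dictionary_derived(password, words=SAMPLE_WORDS, max_extra=2):
    """True if deleting at most max_extra characters leaves only dictionary terms."""
    folded = password.lower()  # upper/lower case mixing alone does not help
    for extra in range(max_extra + 1):
        if extra >= len(folded):
            break  # never reduce the password to an empty string
        for drop in combinations(range(len(folded)), extra):
            rest = "".join(c for i, c in enumerate(folded) if i not in drop)
            if _splits_into_words(rest, words):
                return True
    return False


if __name__ == "__main__":
    # The passwords quoted on this page.
    for candidate in ("not2bad", "4you", "KAT.ZE", "wInTer89",
                      "biLly2yoU", "1FiaaoccbfothpEodkoa1"):
        verdict = "reject" if is_dictionary_derived(candidate) else "accept"
        print(f"{candidate:24} {verdict}")
```

With this wordlist the check rejects every password on the page except the last one, including the two "almost good" examples.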

Further information about attacks on cryptosystems can be found on the help page Examples of different kinds of attacks.