Many cryptographic applications are password-based, e.g. login (authentication with passwords). A dictionary attack is a simple method of attacking such applications. It exploits the fact that, as a rule, the choice of passwords is not evenly distributed: users typically choose a familiar term as the password because such passwords are easy to remember. However, a modern computer can try out over a million terms from a dictionary in only a second, so a password chosen from the dictionary is a major security weakness. More sophisticated dictionary attack programs combine terms from the dictionary with one or two other ASCII characters, enabling them to crack better-chosen passwords such as:
not2bad
4you
KAT.ZE
Recommendation:
A good password has a length of at least eight characters, is alphanumeric and contains a mixture of upper and lower case letters.
Examples:
Almost good:
wInTer89
biLly2yoU
Better:
1FiaaoccbfothpEodkoa1
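As an added example (not part of the original help page), the following Python check is one that a password-setting routine could run: it tests the recommendation above and, separately, whether a password is just dictionary terms plus one or two other characters. The wordlist, the function names and the reading of "alphanumeric" as "contains letters and digits" are assumptions.

```python
import re

# Constructed sample wordlist (assumption); a real check loads a full dictionary.
WORDS = {"not", "bad", "you", "katze", "winter", "billy"}

def meets_recommendation(pw):
    """Page's rule: >= 8 characters, letters and digits, upper and lower case."""
    return (len(pw) >= 8
            and any(c.isdigit() for c in pw)
            and any(c.islower() for c in pw)
            and any(c.isupper() for c in pw))

def is_word_sequence(s, words):
    """True if s is one dictionary word or several written back to back."""
    return any(s[:i] in words and (i == len(s) or is_word_sequence(s[i:], words))
               for i in range(1, len(s) + 1))

def dictionary_derived(pw, words=WORDS, max_extra=2):
    """True if pw is dictionary words plus at most max_extra other characters."""
    # Case is ignored, since mixed case alone does not hide a dictionary term.
    letters = "".join(re.findall(r"[A-Za-z]+", pw)).lower()
    extras = len(pw) - len(letters)
    return bool(letters) and extras <= max_extra and is_word_sequence(letters, words)

def assess(pw):
    """Return (meets_recommendation, dictionary_derived) for one password."""
    return meets_recommendation(pw), dictionary_derived(pw)

if __name__ == "__main__":
    # The passwords listed on this page.
    for pw in ["not2bad", "4you", "KAT.ZE", "wInTer89", "biLly2yoU",
               "1FiaaoccbfothpEodkoa1"]:
        print(pw, assess(pw))
```

With this constructed wordlist, 1FiaaoccbfothpEodkoa1 is the only password from the page that meets the recommendation without also being dictionary-derived.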
Further information about attacks on cryptosystems can be found on the help page Examples of different kinds of attacks.