Dictionary Attack

What Is Dictionary Attack?

Dictionary Attack definition and explanation.

A form of brute-force technique where adversaries try to bypass an authentication mechanism by trying dictionary words as passwords until the correct password is found. Dictionary attacks require fewer resources and time as a list of selected dictionary words are used as compared to trying every possible combination until the correct password is identified.

A dictionary attack is a type of brute-force attack, but it uses a predefined list of passwords that would have a higher probability of success.

—Deral Heiland, IoT research lead, Rapid7

Glossary
Read our related blog posts
Are Password Managers Broken?
January 26, 2023
Are Password Managers Broken?

Recent breaches raise concerns about password managers. Are they still safe to use?

The Password Security Conundrum
May 6, 2021
The Password Security Conundrum

Why password security continues to be a critical issue despite evolving authentication methods.

How to Protect Microsoft Active Directory Passwords?
November 3, 2021
How to Protect Microsoft Active Directory Passwords?

Best practices for protecting Microsoft Active Directory passwords from misuse and breaches.

About Scirge
Shedding Light on Shadow IT

Scirge gives organizations the tools to discover and manage Shadow IT by tracking where and how corporate credentials are used across SaaS, supply-chain, GenAI, and other web applications. It helps discover Shadow SaaS and Shadow AI, and identify risks like password reuse, shared accounts, and phishing, while providing real-time awareness messages, automated workflows, and actionable insights.

Trusted by
Ready to discover
Shadow IT?
Shadow AI?
any SaaS app?
any GenAI app?
any supply chain access?
corporate password reuse?
shared accounts?
successful phishing?
SSO accounts?
weak online passwords?
overlapping services?
Contact us
Shadow IT and SaaS Discovery
Cloud and Corporate Identity Protecion
Compliance and Governance
Company
Product
HomeFeaturesPricing
Shadow IT and SaaS Discovery
Shadow IT Visibility And Monitoring
Cloud Application and Identity Inventories
Agentless Historical Shadow IT Audit
Shadow IT and SaaS Security
Password Protection for Corporate and Cloud Identities
Employee Education And Engagement
Phishing Detecion and Awareness
Identity Governance
Compliance with Shadow IT and Shadow AI Monitoring
Asset Management and Supply Chain Control
Cloud Identity Lifecycle Management
Resources
BlogGlossary
Company
AboutContactPrivacy Policy
Shedding Light on Shadow IT
© Scirge, 2025
Close Cookie Popup
Cookie settings
By clicking "Accept all cookies", you agree to storing cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts as outlined in our privacy policy.
Accept all cookiesCookie settings
Close Cookie Preference Manager
Cookie settings
By clicking 'Accept all cookies', you agree to storing cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts as outlined in our privacy policy.
Strictly necessary (always active)
Cookies required to enable basic website functionality.
Accept all cookiesSave settings