One step in combating dictionary attacks is to understand what they are and how they operate. However, these pointers can be useful for individuals who are committed to preventing dictionary attacks:

When at all possible, stay away from passwords

The simplest and most reliable method of preventing dictionary hacking is to never use passwords at all. Use biometric logins and password-free authentication methods instead, when available, to safeguard your accounts.

Employ arbitrary passwords

Aim to steer clear of using easily uncovered personal information in your passwords, such as pet names, birth dates, or other identifying characteristics. To generate, store, and enter passwords in a secure manner, use a password manager.

Steer clear of the obvious

Unexpectedly, a lot of people choose simple, readily cracked word and numeric passwords like “Password123” or “abcd1234.” Because dictionary assaults are expressly meant to break through easy-to-guess passwords, these are the most vulnerable to hackers.

Select a passphrase

To gain access to accounts, construct entire phrases as passwords rather than just a word or number combination. These are frequently simple for people to remember, but they are far harder to guess. Someone who enjoys football, for instance, would say, “I want to be a linebacker for the Patriots.” Add random characters, digits, and uppercase letters to the passphrase to make it even more secure. For example, you could make it “IW@nT2B@L!n3B@ckER4THEPatr!0tS!”

Employ two-factor authentication

Configure accounts such that two or more authentication factors are needed for every login. For instance, a fingerprint and a password, or a one-time password created by an authentication software.

Try using apps for authentication

Whenever feasible, attempt to use authentication apps in addition to or instead of passwords. Numerous of these apps are simple to download to a phone, link to a specific account, and generate unique passwords at random for each login attempt.

Limit the number of login attempts

Nowadays, there are websites and apps that restrict how many times a user can attempt to log in within a given window of time. To prevent dictionary hacks, enable this on each account if there is an option.

Resets via force

Dictionary hacking frequently involves trying several password cracking strategies. Reduce the possibility of an attack succeeding by requiring password resets following a predetermined number of unsuccessful tries. If your accounts don’t allow you to do this automatically, you might be able to implement a more manual version by setting up your online accounts to email you in the event that you try to log in and are unsuccessful. You can go in and change your password to make sure it is secure if you receive notices of someone attempting to access your account, especially if you receive multiple of these notifications quickly after one another.

Steer clear of certain terms

Keeping all of your passwords free of popular words provides an additional degree of security for your account.