An offline dictionary attack occurs when we use an automated program to decrypt an encrypted copy of a password database.

How might we get to such a copy of a password database?

Through a security vulnerability in a websiteBy posing as a colleague and asking for itBy creating it from scratch

That's right! This way, we can decrypt the database in the comfort of our hideout.

We need actual user data from a live website or somebody to get it for us, don't we?