An offline dictionary attack occurs when we use an automated program to decrypt an encrypted copy of a password database.
How might we get to such a copy of a password database?
That's right! This way, we can decrypt the database in the comfort of our hideout.
We need actual user data from a live website or somebody to get it for us, don't we?