Although the DES key was too short as designed (this was
probably predictable even in the mid-1970s), today's
algorithms with 128-bit keys are effectively invulnerable
to brute-force attacks in perpetuity.
Unfortunately (or fortunately, depending on your
perspective), many attacks work a lot faster than
brute force. One simple attack is a "dictionary attack."
The idea in a dictionary attack is that the password,
passphrase, or key might not have been selected in a way that
makes different keys equally probable. In the typical (and
worst) case, users can select their own memorable passwords.
Not surprisingly, users find it a lot easier to remember
words in a dictionary than they do "random" strings of
characters. But it takes a modern computer only seconds, or
even milliseconds, to try out all the words in a 100,000-word
English dictionary. And if the password is limited to, say,
eight characters, that cuts out even some of those words. There
are fewer than 2^17 words in a large dictionary, which
provides awfully poor coverage of a 2^64 (eight-character)
keyspace. Attackers can also search dictionaries in a fuzzy
manner, albeit in more time. After attempting the actual
dictionary words, an attacker can start trying combinations that
are almost dictionary words, with only a character or
two changed. The quality of keys and passwords is very
important in a complete cryptosystem, and weak keys undermine
a strong algorithm.
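
The following is an added example, not part of the original text. It
sketches a password-quality check that rejects dictionary and
near-dictionary choices, and computes how small the fuzzy search space
is next to the 2^64 keyspace above. The word list is a constructed
sample, the function names are hypothetical, and "a character or two
changed" is modeled as substitutions only, over 256 values per
character.

```python
import math

# Constructed sample list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "sunshine", "princess", "football", "computer"}


def changed_positions(a, b):
    """Count positions at which two equal-length strings differ."""
    return sum(x != y for x, y in zip(a, b))


def is_near_dictionary(candidate, words, max_changes=2):
    """True if candidate is a word, or a same-length word with at most
    max_changes characters substituted. Letter case is ignored, so a
    case change alone does not count as a change."""
    c = candidate.lower()
    return any(
        len(w) == len(c) and changed_positions(w, c) <= max_changes
        for w in words
    )


def fuzzy_candidates(num_words, length, alphabet_size, max_changes):
    """Upper bound on the guesses needed to cover every word plus every
    variant with up to max_changes substituted characters."""
    per_word = sum(
        math.comb(length, k) * (alphabet_size - 1) ** k
        for k in range(max_changes + 1)
    )
    return num_words * per_word


def search_space_bits(num_words, length, alphabet_size, max_changes):
    """Size of the fuzzy dictionary search space, in bits."""
    return math.log2(
        fuzzy_candidates(num_words, length, alphabet_size, max_changes)
    )


if __name__ == "__main__":
    for pw in ("password", "P@ssw0rd", "x7#qLm2!"):
        verdict = "reject" if is_near_dictionary(pw, SAMPLE_WORDS) else "accept"
        print(f"{pw!r}: {verdict}")
    # The text's figures: 2^17 words, eight characters, 2^64 keyspace.
    for changes in (0, 1, 2):
        b = search_space_bits(2**17, 8, 256, changes)
        print(f"{changes} changes: about 2^{b:.1f} guesses of 2^64")
```

Under these assumptions, allowing two substituted characters raises the
search from 2^17 to roughly 2^38 guesses, still a tiny fraction of the
2^64 keyspace.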