May 28, 2004
$650 for Professional version, $850 for Administrator version
- Ease of Use:
- Value for Money:
- Overall Rating:
: Fast password recovery tools
Overall: A good password auditing tool that should be part of every administrator's tool kit.
This product being the latest version of L0phtcrack is euphemistically called a password auditing and recovery tool. It is known to others as a fantastic password hash cracker for Windows. And while the new name makes it sound more like a seminal Detroit rock band of the late 60's, the latest version hopes to kick out the competition with a array of new features.
Installing the software was ok except for activating the software with a unlock code (it took three attempts to get a code from its support line that worked!) The console is well-presented and immediately a wizard appears to take users through the steps needed to audit passwords. While a wizard might have some more technically-adept users turning up their noses in disgust, it is still a useful way of getting to grips with the software for the beginner and anyway it can be turned off.
The wizard starts by asking the user to where to retrieve passwords from. This can range from pulling passwords from a local machine (i.e. The one where the software is installed), a remote machine, a Windows emergency repair disk or from sniffing the local network.
We tested the password cracking ability first on our test machine. The program first goes through a dictionary/hybrid attack looking for weak password, such as "password". While the dictionary attack runs through normal words that are commonly used in passwords, the hybrid attacks take normal words and adds numbers and other characters, so it will try "password13" or "?password".
On our test machine it found what we assumed to be a good password full of numbers and letters (no words) very quickly. While that proves the software is very good at deciphering hashes, it also impressed upon us the need to make passwords even more complex.
Overall, a great application that has got better over time.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Met Police grab suspect with phone unlocked to get hold of data
- Cyber-security must reflect risk not just regulation
- Data centres are on the move - where will they end up?
- The information security implications of M&A deals
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Over 400,000 phishing sites have been detected each month in 2016
- TalkTalk customers urged to get routers swapped over hacker fears
- Report: Mirai 'is just the tip of the iceberg'
- Avalanche takedown involved searches in 40 countries
- India Supreme Court calls on tech giants to curb sexual assault, cyber-crime