L0phtCrack is packed with powerful features such as scheduling, hash extraction from 64 bit Windows versions, multiprocessor algorithms, and networks monitoring and decoding. Yet it is still the easiest to use password auditing and recovery software available. L0phtCrack provides a scoring metric to quickly assess password quality. Passwords are measured against current industry best practices, and are rated as Strong, Medium, Weak, or Fail. Pre-computed password files is a must have feature in password auditing. L0phtCrack supports pre-computed password hashes. Password audits now take minutes instead of hours or days. L0phtCrack imports and cracks Unix password files. Perform network audits from a single interface.
Security experts from industry, government, and academia agree that weak passwords represent one of the ten most critical Internet security threats, and are receiving more attention as a source of vulnerability, both on client desktop computers and in networks. L0phtCrack 7 identifies and assesses password vulnerability over local and remote machines in a streamlined application, with built-in reports and remediation tools.
L0phtCrack 7 uses a variety of sources and methods to retrieve passwords from the operating system. Feedback about the strength of passwords is based upon the types of audit required to recover the password, and the length of time required for the audit. L0phtCrack 7 is a state of the art tool for password auditing and recovery that serves to guide organizational policies and procedures.
System administrators audit passwords to determine the strength of the passwords used on client machines and for network access. Weak passwords, such as a password based on a dictionary word, represent vulnerability points for any organization. Administrators use corporate password policies and filtered password generators to improve the quality of passwords used in their organizations. But without testing the passwords against a real world password auditor, the administrator risks the chance passwords can be uncovered by an external attacker or malicious insider. Freely available password cracking programs take into account the ways users select passwords in light of corporate password policies such as requiring the use of numbers and symbols. Many don't realize Patri0ts! as a password is just as easy to guess as patriots was in the past.
L0phtCrack 7 can be used to streamline the migration or upgrading of users from one authentication system to another by computing all user passwords. L0phtCrack 7 is also an excellent auditing tool that Administrators can use to detect weak passwords.
New in L0phtCrack 7
All New Cracking Engine:
L0phtCrack 7's cracking engine has been completely replaced with a state-of-the-art cracking engine, John the Ripper. Performance is greatly improved for dictionary and brute force audits. Many more password hash types are now supported.
Harnessing the computing capabilities of GPUs in graphics cards is a significant advance in password auditing. GPUs can be faster than traditional CPUs for certain password auditing operations. L0phtCrack 7 now supports the two most popular GPUs: AMD Radeon and NVIDIA. Password audits now take hours instead of days. L0phtCrack can support multiple GPU cards for exceptionally fast password auditing. A new calibration process selects the fastest cracking algorithm for the machine's CPU and GPU.
Improved Unix Password Support:
L0phtCrack 7 imports and cracks Unix password files from Linux, Solaris, OpenBSD, FreeBSD, and AIX systems. Password hashes can be imported remotely via SSH or from shadow files or passwd plus shadow files for more user detail. Perform password audits of Windows and Unix from a single interface.
Remote Windows Password Import Improvements:
L0phtCrack 7's remote Windows password import agent can now work over SMB so you don't have to open any additional ports or make configuration changes to the way you already remotely manage a machine.
Audit Scheduler Interface Improvements:
System administrators can schedule routine audits as before. Audits can be performed daily, weekly, monthly, or just once, depending on the organization's auditing requirements. The scheduling interface is much improved. Visibility into multiple jobs is possible.
L0phtCrack 7 is now extensible through a plug-in interface. New password hash importers, new password hash cracking support, and new reporting functionality can be added by 3rd parties and easily installed by end users.
The user interface is improved and updated. A new improved wizard makes common auditing tasks easy for first time users. Advanced users have precise control over importing from multiple systems and fine tuning their auditing job. Current status while an audit is running is clear and responsive.