Password Cracking

To evaluate the internal password policy as well as the quality of user passwords, terreActive offers the service password cracking. This is basically a matter of re-calculating the user passwords from password hashes.

Scope

•  Assessment of the internal password policy
•  Quality analysis of user passwords

Your benefit: What is investigated?

In the course of the investigation, the following questions are addressed:

• Are there any weaknesses in the current password policy?
• Is the internal password policy really being observed by all employees?
• Are weak passwords in use?
• Can a user account be compromised?

Result (Output)

You will receive a report that includes the following sections in addition to the Executive Summary:

• Results and statistics
• Recommended measures
• Useful tips

Selectable options

• Final discussion (online or on-site meeting)
• Live demonstration of how fast a password can be hacked (online or on-site)

Customer profile: Who should use the password cracking service?

• Companies that want to check their internal password policy as well as their compliance
• SMEs and start-ups

Resource planning: only little effort for you

Depending on the options you choose, you will likely invest between four and eight hours. You will use this time as follows:

• Participation in the kick-off meeting
• Organizing the space for cracking station
• Extraction of password hashes from your Active Directory
• Possibly participation in the final meeting
• Possibly participation in the kick-off meeting regarding live demo (rooms, equipment)