To evaluate the internal password policy as well as the quality of user passwords, terreActive offers the service password cracking. This is basically a matter of re-calculating the user passwords from password hashes.
- Assessment of the internal password policy
- Quality analysis of user passwords
Your benefit: What is investigated?
In the course of the investigation, the following questions are addressed:
- Are there any weaknesses in the current password policy?
- Is the internal password policy really being observed by all employees?
- Are weak passwords in use?
- Can a user account be compromised?
You will receive a report that includes the following sections in addition to the Executive Summary:
- Results and statistics
- Recommended measures
- Useful tips
- Final discussion (online or on-site meeting)
- Live demonstration of how fast a password can be hacked (online or on-site)
Customer profile: Who should use the password cracking service?
- Companies that want to check their internal password policy as well as their compliance
- SMEs and start-ups
Resource planning: only little effort for you
Depending on the options you choose, you will likely invest between four and eight hours. You will use this time as follows:
- Participation in the kick-off meeting
- Organizing the space for cracking station
- Extraction of password hashes from your Active Directory
- Possibly participation in the final meeting
- Possibly participation in the kick-off meeting regarding live demo (rooms, equipment)