Re: [ActiveDir] Weak AD passwords

[Paul Williams]

Title: Message

Lophcrack was purchased by Symantec and is now sold as an enterprise security product.  It's called LC5, I believe, but has recently been discontinued (after symantec stopped selling it to people outside of North America) and support runs out at the end of the year.  Which is a real pain as I've recently recommended it and now need to revise my recommendations!     --Paul ----- Original Message ----- From: McCann, Danny To: ActiveDir@mail.activedir.org Sent: Wednesday, August 09, 2006 3:59 PM Subject: RE: [ActiveDir] Weak AD passwords Hi   Haven't used it, but one of my colleagues swears it's too good. :) Try Rainbow Tables.   Cheers   Danny   -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rimmerman, Russ Sent: 20 March 2006 21:38 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Weak AD passwords Can anyone recommend any tools to find which of our users have weak AD passwords?  We used to use L0phtcrack back in the day, but it doesn't appear to be supported any longer?  Other than enforcing complex passwords (which we do) and 8 character minimum, we'd like to figure out who uses things like "Password1" or something silly like that.   Thanks in advance Email has been scanned for viruses by Altman Technologies' email management service ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This e-mail is confidential, may contain proprietary information of the Cooper Cameron Corporation and its operating Divisions and may be confidential or privileged. This e-mail should be read, copied, disseminated and/or used only by the addressee. If you have received this message in error please delete it, together with any attachments, from your system. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~