LC 5 Password Auditing Solution Available
Digital security company @stake, Inc. announced the latest release of its L0phtCrack automated password auditing and recovery application, LC 5.
This new version is a cross-platform Windows and Unix solution, and features the first commercially available pre-computed password tables, which can reduce password auditing from hours to minutes.
LC 5 features a wizard-based interface to configure, schedule, and run comprehensive audits on Windows (2003/XP/2000/NT) and Unix (multiple versions) accounts across the enterprise, automatically and unattended.
Traditional password auditing tools use one or more of three basic techniques for password auditing and recovery: dictionary, hybrid, and brute force. Dictionary tools scan for words; hybrid tools scan combinations of words and numbers. The brute force method, which can take days to run, scans an almost inconceivable number of letters, numbers, and character combinations to root out passwords.
LC 5 can audit and uncover passwords no matter where they reside, on local or remote PCs, workstations, or servers, within domain controllers or in Active Directory. Password data can also be obtained from system memory, SAM files, and shadow files on Unix. LC 5 can conduct multi-domain scans securing password integrity across an entire business, not just a single domain.
The new version can highlight trends and problem areas through its enhanced reporting capability by providing real-time data and plots in both graphic and text formats. Summary reports cover information ranging from the scope of weak or empty passwords to information on locked, old, or dormant accounts. LC 5 reports also summarize password length and types.
Recovered passwords are also scored to help establish standards for various users and groups to ensure that higher-level users, such as network administrators, adhere to standards of password protection.
In addition to vulnerability assessment, LC 5 offers a number of remediation tools to help system administrators make password changes across the enterprise or even disable suspicious accounts. The LC 5 license also includes access to the @stake support Web site, offering users advice on establishing best practices for password assignments and management.
LC 5 is available in several editions, including: 1) Professional Edition, which supports both Windows and Unix environments; 2) Administrator Edition, which offers scheduled audits and pre-computed password hashes in multiple domains to dramatically accelerate auditing; 3) Site Edition, for site-wide installations; and 4) Consultant Edition, for multi-client assessments.
Price: See Web site.
Web Site: http://www.atstake.com/lc