Making The World More Secure 1 Password At A Time

In today's modern world passwords are everything, they are the one thing standing between attackers and your business. Therefore, it is crucial to have strong passwords. This used to mean adding a special character to the end, but unfortunately that is no longer the case. Attackers harness modern technology to go after passwords like never before. So how can you be sure your passwords are safe?

Thinking Like A Hacker

To aid in our security audits we developed the tools and resources to crack passwords exactly like the bad guys. Our password cracking tools were developed for our penetration testers to use when working on client engagements. We found clients were periodically using similar tools to check passwords themselves, yet we were still cracking upwards of 50% of the user's passwords. When we dug into the root cause, we found the issue was the size of the password list being used by clients. It was woefully small and their tools were providing a false sense of security.

Reacting to this, we built Password Professor from the same code our penetration testers were using in the field, but set it to securely audit client passwords, and provide a report that is easily understood. Using Password Professor we can perform password audits on your system that will tell you exactly which passwords the bad guys can crack (and that you should change). After remediating the results from our report, you can rest assured that your passwords are no longer the greatest risk to your organization.

Compliance

NIST SP 800-63 recommends, “Screening new passwords against a list of commonly-used, expected, or compromised passwords.” Traditionally, compliance frameworks only mandated character length and complexity, but now we are seeing new revisions released requiring periodic screening of user accounts. At this time, our solution is the most thorough in that it check 300,000% more passwords than our competitors.