Tools for password analysis

[jim.halfpenny at gmail.com (Jim Halfpenny)]

If you're making recommendations to managment consider using the tool
Microsoft PowerPoint.  Sounds like you have enough info for a short
presentation with some charts. Graphs will be easier to digest than
technical reports and you can back this with reference to best
practice guidance from SANS or other reputable sources.

Jim

On 27/11/2009, Francois Lachance <digitallachance at gmail.com> wrote:
> I am currently doing a password audit for my employer. I am somewhat
> shocked at the success rate Opthcrack liveCD returns with the free
> small rainbow table in an AD network that has the complex password GPO
> setting turned on - 96% after 5:50hrs
>
> Now that I have all those juicy passwords, I would like to do some
> kind of analysis to make recommendations to management. My first
> recommendation will probably be to increase the minimum password
> length.
>
> I have two questions for the list:
> 1.  What tools can I use to do that analysis?
> 2. Is there a way to force better complex password rules than what
> Microsoft provides in Windows 2003?
>
> Thanks!
>
> --
> Sent from my mobile device
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com

-- 
Sent from my mobile device