Abstract: Attackers rarely exploit systems when they can just login. Passwords are the gatekeepers to system access. Today's passwords are bad, but it's not for the reasons you think! The primary problem with password-based security today is selection. Password Selection Vulnerabilities are not simply the fault of our users, but often the result of poor processes within our organizations.
In this webcast, we delve into performing password auditing on Windows Active Directory domains using tools such as Cryptbreaker, DPAT, Hashcat, and ntdsutil. As we uncover the most common passwords in use today we will discover ubiquitous trends such as downward password strength drift over time. Remediations for these conditions can have a transformative effect on the security of our networks!