Password Audit

We’ve all been told our passwords need to meet a minimum length and must include special characters, but do you really know how resilient your passwords are to attack? Our password security audit can help.

For a long time and for a while yet, passwords will form part of our every day lives. When stored on computers, passwords are generally scrambled so that they cannot be read by prying eyes, ensuring our secrets remain secret.

Modern hardware has provided attackers a platform on which they can attempt to unscramble passwords at blistering speeds. If an attacker is able to find these scrambled passwords, the robustness of your password policies and the awareness of your employees dictate how successful the attacker will be.

Our unique password security audit helps you identify where in your organisation your credential related risks lie, allowing you to mitigate them whilst increasing the strength of your organisational policy and security culture in the process.

Are your organisation’s passwords resilient to attack?

Our tailored password security audit analyses and reviews how resilient your passwords are to attack. Using our custom password attack system, advanced attack techniques and in-house custom password rule sets, we will attempt to break your passwords just as an attacker would.

Depending on your requirements we can test the resiliency of:

  • Workstation and server logon passwords
  • Internal and external application passwords
  • Database passwords
  • Network device passwords

You’ll receive a detailed report of your organisation’s password security levels with actionable results. We do not display any assessed passwords in our reports (clear text or scrambled) irrespective of whether attacks were successful or not. Included with the report is a detailed analysis of the following areas.

password audit
  • Attack success rates
  • Timing metrics to highlight ease or difficulty of a successful attack
  • Breakdown of standard and privileged accounts at risk
  • Identification of password reuse
  • Email address checks for presence in past data breaches
  • Password checks for presence in past data breaches
  • Identification of weaknesses against the NIST SP 800-63B password standard
  • Expert tailored advice to help increase your resiliency to future attack