Password Audit

We’ve all been told our passwords need to conform to a minimum length and must include special characters, but do you really know how resilient your passwords are to attack?

For a long time and for a while yet, passwords will form part of our every day lives for authentication and are generally scrambled so that they cannot be read by prying eyes. 

Modern hardware has provided attackers a platform on which they can attempt to unscramble passwords at blistering speeds. If an attacker is able to establish a position where they can attack your passwords, the robustness of your password policies and the awareness of your employees dictate how successful the attacker will be.

Are your organisation’s passwords resilient to attack?

We provide a unique auditing service that analyses and reviews how resilient your passwords are to attack. Using our custom password attack system in conjunction with advanced attack techniques and in-house built password rule sets, we will attempt to break your passwords just as an attacker would.

Depending on your requirements we can test the resiliency of:

  • Workstation and server logon passwords
  • Internal and external application passwords
  • Database passwords
  • Network device passwords

Following the assessment you’ll receive a detailed report providing multiple metrics around your organisation’s password security levels. Our reports do not display any assessed passwords (clear text or otherwise) irrespective of whether attacks were successful or not, and include a detailed analysis of the following areas.

password audit
  • Attack success rates
  • Timing metrics to highlight ease or difficulty of a successful attack
  • Breakdown of standard and privileged accounts at risk of compromise
  • Identification of password reuse within your organisation
  • Email address checks for presence in past data breaches
  • Domain password checks for presence in past data breaches
  • Identification of weaknesses against the NIST SP 800-63B password standard
  • Expert tailored advice to help increases your resiliency to future attack