Free tool allows Active Directory users to test for weak passwords
While security is still heavily reliant on passwords, they represent a target for hackers, and weak or reused choices offer an easy way into systems.
Security awareness training company KnowBe4 is releasing a free Weak Password Test (WPT) tool for organizations that use Active Directory, allowing them to check for multiple types of threats related to weak passwords.
Checks carried out by the tool include looking for the most common passwords and dictionary passwords, finding passwords shared among multiple accounts, and identifying accounts with no requirement to regularly change the password.
It can also find accounts that store passwords using a LAN Manager hash, which is susceptible to brute-force attacks; accounts that were set up under older AD functional levels and have no AES keys; and accounts that don't encrypt authentication requests, which gives an attacker the ability to perform offline brute-force attacks that are less likely to be detected.
"KnowBe4's release of Weak Password Test furthers our mission to empower IT pros with proactive tools to detect threats and educate their users to have security top of mind," says KnowBe4 CEO Stu Sjouwerman. "Our customers use KnowBe4's new-school security awareness to reduce their organizations' phish-prone percentage, and now they can also mitigate both user- and implementation-related password management weaknesses. Using a weak password is an open-door invitation to cybercriminals. Weak Password Test makes it quick and easy to identify weak passwords so IT managers can take effective action fast."
To keep things secure, the tool does not show or report on the actual passwords of accounts; it simply identifies the accounts that are affected by vulnerabilities. For more information, or to download the free Weak Password Test, you can visit the KnowBe4 website.