Password Cracking Service


Recent breaches locally and Australia have occured because end user passwords, despite policies being in place were weak and subsequently compromised causing avoidable reputational damage and costs.

As a regular assurance activity, Securus Global's password cracking service can be used to proactively identify and address end user weaknesses mitigating reputational damage and the need to disclose publically a problem.

Securus Global's offline password cracking service is to identify user accounts whose passwords may be easily compromised in order that user education can be provided as appropriate, or indeed praise where it is clear that users understand the spirit of password requirements. In our experience, real world examples of security awareness benefits provide exponentially greater ROI than theoretical examples.

While penetration testing can help our clients in understanding the security posture of particular environments or applications, these projects often target only a small components of an organisation's entire IT estate.

Also, as a result of commercial realities, penetration tests are generally limited to a particular time window or amount of effort. The downside of this approach is that clients don't get to answer some of the "what would happen if…" questions? In particular what would happen if an attacker with more time and effort allocated to penetration tests were to gain leverage inside the corporate environment. Securus Global's new offline password cracking service is designed to answer this question.

Although many organisations will apply password policies to ensure that users choose passwords complying with length and complexity requirements, users will often select passwords that comply with the letter of the requirements whilst ignoring the spirit of them.

Securus Global's offline password cracking service is to identify user accounts whose passwords may be easily compromised in order that user education can be provided as appropriate, or indeed praise where it is clear that users understand the spirit of password requirements. In our experience, real world examples of security awareness benefits provide exponentially greater ROI than theoretical examples.

Securus Global's Offline Password Cracking service supports many current encryption and hashing algorithms (the latter including hashing implementations using custom salt values). For full details of technical suitability and pricing applicable to your particular requirements, please contact us.