Problem solve Get help with specific problems with your technologies, process and projects.

Step-by-step guide: Cracking network passwords

Weak passwords can be a huge security vulnerability. You can mitigate this risk by attempting to find your weaknesses before a malicious hacker does. Contributor Kevin Beaver provides a step-by-step guide on how to crack your own network passwords.

Do you have a formal password policy for your Windows-based systems? Do you suspect that some of your network users have insecure passwords? If you answered yes to either of these questions, then now's a good time to check for password-related vulnerabilities on your network.

Passwords are often the first (and all too often, the last) line of defense to protect sensitive digital assets. Given that most Windows-based passwords (domain, Terminal Services, e-mail, etc.) tie back to the domain account, all it takes is one hole -- one entry point -- to get in and crack a password. Once that's done, anything is fair game. This is especially true with all the IIS-based applications, Citrix deployments, and other outward facing applications that so many organizations have in place today.

Cracking network passwords

 Home: Introduction
 Step 1: Ethical hacking methodology
 Step 2: Tools you should use
 Step 3: What good are your findings?


Kevin Beaver is an information security consultant, keynote speaker, and expert witness with Atlanta-based Principle Logic, LLC where he specializes in performing independent security assessments.

Dig Deeper on Windows Server troubleshooting