I would suggest l0phtcrack by @stake. It can pull password hashes from the registry, from SAM files or even sniff the network in promiscuous mode to grab password hashes. Then it uses both dictionary attacks and brute force.
----- Original Message ----- From: "Robert Baulch" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, April 19, 2002 6:13 AM Subject: Password Checking Tool > Before introducing our new policy to enforce password complexity requirments, my management team has asked me to gather valid examples of existing users whose passwords are too simple. We have a combined environment of Novell and ActiveDirectory/W2K. Is there a tool that I can run as an admin that can easily be used to do this? > > This is a one time deal to "sell" the policy to some of our problematic users (which are backbone of our business) so we cannot just say "here it is ... deal with it" for fear they may become disgruntled and the business close ;-( > > Any suggestions would be helpful- > > Shirley > > > __________________________________________________ > D O T E A S Y - "Join the web hosting revolution!" > http://www.doteasy.com >
