Password audit

What is a password audit?

A password audit is a technical process used to test the strength of passwords. As passwords are often obfuscated due to a hashing algorithm being used, the audit can take a while. Using brute-forcing, many passwords are tested by using common words and their variations. Each of the generated passwords are hashed with the same algorithm and then compared with a password file.

Security tools

The following security tools are linked to password audit and are worth investigating.

  • PassGen (password dictionary attack tool)
  • pwdlyser (Password analysis and reporting tool)