L0phtCrack is one of the most used tools by security professionals worldwide. After years of inactivity, version 6 was released in 2009 and development hasn’t halted since. In a new video, L0phtCrack co-author Christien Rioux aka dildog talks about the upcoming version and introduces some of the new features.
I didn’t get the point of it ten years ago when mudge was talking about it for @stake, and I still dont get it now.
AFAIK, the “good guys” point is to break your users’ weak passwords before an attacker does.
Obviously, these very same attackers will also be using the tool…
Better to have the tool the ‘bad guys’ use available to the ‘good guys’. If this weren’t published and advertised the bad guys would still have equivalent functionality, but most admins wouldn’t.
This seems a little pointless. Unless there is something I’ve missed L0phtCrack was abandoned because Rainbow Tables took over. Anyone who has the time to wait for a password to be cracked by brute force is probably not cracking your system. Similarly anyone relying on “strong” passwords to protect a system is probably not an admin of anything important and should strongly consider reading up on other forms of security like 2 factor authentication.
My problem here is that it’s very expensive software that just replicates what free software can do. I don’t see what all that money is getting me over say using Cain (because it’s easy w/ gui?) I could maybe understand paying 20$ to get a supported piece of software, but not the extortion L0pht’s charging.
Seriously? Wow, talk about overrating the value of your own product.
Edited 2010-12-19 08:42 UTC