ASK ESS Cryptographic Services will provide definitive proof to the effectiveness of your organization’s password policy. Using our GPGPU password cracking cluster, we can test password strength using your defined parameters. Offerings include a passive brute force or actively performed engagement, utilizing varying degrees of logic and complexity.
Customers can chose between using the ASK ESS tool to extract a password file from a domain controller or workstation or you can request that an ASK Security Analyst perform the password extraction procedure. Multiple data transfer and chain of custody options are available upon request.
ASK ESS recommends a minimum password policy of 9 characters to avoid passive brute force audit failures. All password audit services include brute force password cracking of all ≥6, and you can choose move that up to ≥7 character passwords.
|Passive Brute Force Up To 8 Characters
||Up to 8 character passwords compromised in a maximum of 3 days, with 7 character passwords usually compromised in a maximum of 3 hours.
|Active Password Audit #1
||Wordlist audit with mask (special, case, numeric)
|Active Password Audit #2
||Dictionary audit with mask (special, case, numeric)
|Active Password Audit #3
||Full logic audit at ASK Security Analyst discretion
|Active Password Audit # 4
||Full Logic audit at customer discretion