L0phtCrack is a password auditing and recovery application originally produced by Mudge from L0pht Heavy Industries. It is used to test password strength and to recover lost Microsoft Windows passwords, using dictionary, brute-force, hybrid attacks, and rainbow tables. It was one of the crackers’ preferred tools of choice.
The first version of this renowned password cracker was released 19 years back. Once upon a time……Anyway, I digress..
It is a password auditing tool, which tests your Windows and Unix password and forces the admin to block users due to weak password. It was the first Windows password auditing tool. When it released for the first time it was able to crack windows password (8 characters) within 24 hours. It forced Windows to change how it dealt with passwords, forcing it to dump LANMAN hash algorithm and switch to NTLM.
Today, after 7 long years, L0pht Crack 6 released in March 2009, L0phtCrack has announced L0phtCrack 7, available immediately.
The latest version has an all new cracking engine which takes advantage of multi-core CPUs and multi-core GPUs. A quad-core CPU running a brute force audit with L0phtCrack 7 is 5 times faster than L0phtCrack 6. If you have a GPU such as the AMD Radeon Pro Duo the speedup is an astounding 500 times, according to the L0phtCrack 7 announcement post.
The post also notes that the password cracking in windows has become easier over time. According to the announcement, the 8-character alphanumeric password in Windows NT could be cracked by the original L0phtCrack in a Pentium II 400 MHz CPU within 24 hours. The latest version, can crack the same passwords in Windows 10 within 2 hours with a minimal cost 2016 Gaming PC. Windows passwords have become much less secure over time and are cracked very easily. Other OSes, such as Linux, offer much more secure password hashing, including the NSA recommended SHA-512, while Microsoft still uses MD4 hash, an insecure 26 years old hashing algorithm.
Other than faster password cracking, L0phtCrack 7 offers a better password auditing wizard, reporting, and scheduling. The new release works with all versions of Windows along with the support for many new UNIX password hashes.
