Appendix ››
Parent Previous Next

Password Quality Category

Q. Is there a setting for me to change the Minimum Password Length for reporting purposes?

A. No. One option would be to export the report and import it into Excel.

Q. Is there a way to segregate specific accounts for the utilization of Brute Force Attacks. The situation is when I want to target specific accounts or perform brute force on those accounts that did not crack using the dictionary or user information?

A. Yes. You can limit accounts by deleting those accounts you do not want to crack. Delete accounts by highlighting and hitting the Delete key.

Active Directory Support

How one may connect to Active Directory, various usage scenarios, and requirements

Q. Describe how to use L0phtCrack 7 to determine password complexity compliance with Active Directory? Is it as simple as running L0phtCrack 7 on a workstation and pointing to a domain controller as the "Remote System" or is there more to it than that? I understand that you would need Domain Administrator rights to perform the analysis.

A. It is as simple as importing from a remote machine and selecting Active Directory as the machine. You need Administrator privileges on the machine. Typically Domain Administrators have this privilege.

Q. What exactly do I need in order to obtain the password hashes from a remote Active Directory domain controller? I know that local admin privileges will suffice, but I need to know specifically what I need in order for L0phtCrack 7 to extract the hashes.

A. You need the debug privilege.

Q. I have been trying to use the L0phtCrack 7 product to decrypt passwords on my server, I am using the product with active directory and every time I use the wizard an error message comes back saying no encrypted passwords were imported. The L0phtCrack 7 wizard cannot continue please try another password retrieval method to continue. What do I need to do for the product to work?

A. You need Administrator privileges on the Active Directory machine. The machine also needs to be able to be remotely administered if you are running L0phtCrack 7 on another machines and importing the password hashes remotely.

Remote Scans

Q. When you use L0phtCrack 7 to retrieve password hashes from remote machines is the data encrypted whilst being transferred?

A. Yes the data is encrypted whilst being transferred.

Selected Account Audit

Q. Is there a method by which I can either restrict, or selective choose which accounts are audited?

A. Yes, LC will let you delete accounts that you do not want to audit.

Password Recovery

Q. Why do I see a blank password field after the completion of the audit?

A. This means that the password was not cracked by L0phtCrack 7. This is typically a strong password depending on your cracking settings.