L0phtCrack 7 Features

Ultrafast Cracking

Multi-core & multi-GPU support takes optimal advantage of your hardware. Whether you have a single CPU with dual cores or an 8 CPU machine with 24 cores each, L0phtCrack’s multithreaded processing will utilize every last bit of your CPU. If you have one or more GPUs, whether NVIDIA or ATI, L0phtCrack’s OpenGL and CUDA support, opens the potential for billions of cracks per second depending on the power of your GPU.

L0phtCrack also takes the guesswork out of which type of processor and instruction set is fastest with our calibration process. When you first launch L0phtCrack it runs a calibration test. L0phtCrack cycles through all the hash types with each processor and algorithm to determine the fastest one for each hash type. Some hashes are fastest with the CPU and others the GPU. The fastest is stored. If you change your hardware, such as adding an additional GPU you can re-run the calibration process.

You can see from this calibration screen from a machine with an Intel Core i7 920 CPU running at 2.67GHz and an ATI Radeon 290 GPU that the GPU if much faster for some of the hash types. Speed is listed in Mc/s or Megacracks per second and Gc/s or Gigacracks per second. The fastest processor and algorithm type is highlighted in orange, or in flames if the speed beats 1 Gc/s.

Simple Password Loading

Wherever your password hashes are: local, remote, AD, or in a file. It’s simple to import them for auditing with our wizard. The L0phtCrack wizard makes it easy to step through the process of retrieving the password hashes for the accounts you want to audit. You don’t have to scramble to find and learn a separate command line tool that may not even support the latest Microsoft Windows version and hotfix. Password importing from a local or remote machine is built in and is as easy as entering a machine name and credentials into a form field.

Password hashes from UNIX machines are easily imported over ssh. You can use username and password with an optional sudo password or use public key authentication.

Easy to customize

Custom word lists, character sets, and lengths are easy to set. Crack the way you want and save the settings for later. The audit settings panel lets you select a standard character set, such as alphanumeric or UTF-8, or you can create your own. You can even use different character set for different hash types. The min and max password length can also be selected. The settings you select can be saved for later.


Fix weak passwords by forcing password resets or locking out accounts. If you are auditing a local or a remote Windows machine you no longer have to switch programs to remediate accounts with easily crackable passwords. Run your audit and remediate the accounts with weak passwords right from L0phtCrack. Select the weak accounts and right click to force password resets or lock our accounts.

Powerful scheduling

Admin and Enterprise versions allow scheduling sophisticated tasks for automated enterprise-wide password audits. Whether you are auditing to reduce risk or meet compliance regulations, periodic password auditing is a must. With L0phtCrack you can automate recurring audit tasks so that you simply end up with an export of cracked accounts on a weekly, monthly, quarterly, or annual basis. You can set up as many import, auditing, and reporting actions as you want in a queue and then run that queue on a schedule.

Audit multiple OSes

Windows plus first-rate Linux, BSD, and AIX support. L0phtCrack supports all versions of Windows between Windows XP and Windows 10 and many flavors of UNIX. In addition there is a flexible plugin system that will allow 3rd parties to supply support for additional password hash types and import mechanisms.