Auditing Windows 2000 domain passwords

Any IT administrator should audit the user passwords in his domain periodically to make sure that there are no weak passwords.

The following two free tools can be used together to audit Windows 2000 domain accounts.

- John the ripper
- PWDUMP3

You can use pwdump3 to retrieve the password hashes from the domain controller and then run John.exe on those password hashes to attempt to retrieve the plain text password.

More details will be added to this TechByte soon...

Warning: By visiting this site and/or by using any information contained herein, you agree to the Techbytes.ca terms of use.

Add a comment about this TechByte

If you wish to add a comment regarding this TechByte, please use the form below. Please note that by submitting comments using this form you are allowing all of the information submitted to be visible on this website. Any comments submitted using this form will only be shown on the website if they are approved by the administrators of this site. IF APPROVED, COMMENTS MAY TAKE SEVERAL DAYS TO BE POSTED.

Other TechBytes:

• Oracle basic commands and queries
• Unable to connect to existing Maximizer Address Book
• How to manually send an email via telnet on Windows