Password Security Audit

Policy Finally Meets Application

Whether your network administrator left with the keys to the password castle or you simply want to develop and enforce stronger user authentication in your organization, AssureIT’s password security and audit services can help. As a matter of policy, we have made passwords our business:

  • Full-scale password and authentication audits
  • Policy development and review
  • Cracking attempts
  • Password recovery services
  • Multi-factor authentication implementation
  • User training and education

Users are smarter these days. They know they can’t choose a password like “abcd1234” but they don’t always understand the need for deep authentication protocols. By helping your employee population understand the critical nature of security and building a system that helps to minimize disruption to their daily work, AssureIT can help enable strong authentication across your systems.

abcd1234. It’s no longer a formulaic approach to passwords.

Passwords, Authentication, Access Control

AssureIT Experience in Password Security

Authentication & Education

Do you have unique user authentication needs in your organization? We can help you design and implement a protocol that will improve the security of your systems without disabling your business. What’s more, we can help you design a user education and training system that builds understanding of this critical security element.

We Understand Phishing VS. Whaling

Often times those at the top of the organization are the highest risk for compromise…that’s when a simple phishing scheme turns into a whaling expedition. We can help translate the need for tightened security to leadership, bringing understanding to why an “all access pass for the boss” isn’t always the best idea.

Access Control Experience

Physical security goes hand-in-hand with password policy. From a high level, our work in penetration testing can shed light on other opportunities to strengthen your defenses across all areas of access control – be it physical, virtual or application based.

Rooted in Audit & Compliance

As full-scale Information Assurance and Technology Professionals, our work in password security is further substantiated by our decades of work across all industries. We regularly perform password audits as part of our audit work, or can provide them as stand-alone engagements.
Synercomm’s KrackIt System

A rig designed for one purpose: to crack password hashes. Let “The Kraken” dive in and uncover the low-hanging-fruit passwords used in your environment. By discovering weak passwords, your organization will have the opportunity to engage, inform, and improve password management among your teams and thereby increase the security of the organization, as a whole.

Contact us to set up a password testing engagement where we will supply “The Kraken” and perform the test. Alternatively, you may purchase your very own Kraken, assembled, guaranteed, and supported by us. Continuous penetration testing leads to faster detection and hardened defenses.

Or, build your own! We’ve posted a detailed guide on the AssureIT blog, #_shellntel.

The Kraken is made up of NVIDIA GTX 1080s – eight in total. These are graphics cards with immense parallel computing capabilities. Running Hashcat, the results are impressive – reaching 330 Gigahashes/second for NTLM and 200 Gigahashes/second for MD5 hashes.

Strengthen Password security with Synercomm