The bad guys are already doing it. Here’s why and how you should do it too.
(This is the first of a three-part series on Microsoft Active Directory password quality auditing and password cracking)
If your company has anything exposed to the internet, attackers are already brute force attacking your user’s passwords. All day, every day. There are very few things you can do to stop them. Our best hope is to slow them down as they circumvent every countermeasure we put in place and ensure that users have passwords strong enough to withstand a low volume brute force attack.
[Read more…] about Brute force attack your own users (Password audit part 1)