Editor's Choice: Security

<b>Winner: </b>@stake LC4<br> <br> <b>Honorable Mention:</b> <a href="#msdn">Microsoft Corp. MSDN Universal Subscription</a>

LC4 $350 per license  @stake; 617-621-3500;

Why would a security evangelist tap a password-cracking program as her favorite security tool? Think about it: How can I get the attention of users and techies? How can I best attack the most problematic issue in information system security? I can convince them that using strong passwords and changing them frequently are actions they can take to improve security (and that not doing so is the No. 1 reason much of their other security efforts are futile). With this tool, I can do just that—and so can you.

But before you hyperlink over to, shell out the cash and proudly present the CEO with his password, download a little common sense and get permission to crack the passwords on your network domains, servers and desktops. Get it in writing. Sure, listing passwords for executives will get their attention; but, without appropriate authority, it may get you fired. Instead, learn what LC4 can do, make it part of a rational password-auditing policy for your organization and use it to strengthen security. You’ll probably never get to show the CEO this, but at least he or she won’t be showing you the door.

@stake LC4
@stake's LC4 provides session options for the type of cracks you want to perform.

You use LC4 to extract the password hashes from a SAM database or Active Directory. Alternatively, you can capture LM and NTLM challenge/response data from a network authentication session, use a SAM file from a backup tape, or use one extracted from AD with pwdump3 (a shareware tool).

Next, set session options, then start the crack. By default, passwords are checked for usage of the user ID as well. The cracked password, which type of crack actually got the password, and the time it took to crack each password are displayed on the screen. Alternatively you can turn off the “display the password” part of the program. Cracked passwords aren’t displayed, but the time it took to crack them is. This is an excellent feature if you don’t want to expose everyone’s password but want to show the results of your audit to the widest audience.

So why bother writing strong passwords? As an LC4 audit teaches: The stronger take longer, and bigger is better. Maybe the attacker will go elsewhere or maybe you’ll have changed the password by the time they crack it. It’s a definite “must” tool in your arsenal of audit tools, and it makes a darn good teaching tool, as well.

Honorable Mention
MSDN Universal subscription
$2,799 ($2,299 for renewals)

Sometimes, the leader is so far out ahead of the pack that coming in second doesn’t matter. This time, however, it does. My runner-up security tool is my MSDN Universal subscription. What? “That’s not a security tool,” you say! I beg to differ. This little tool provides me with a copy of Visual Studio .NET and copies, for educational and testing purposes, of Windows 2000, Windows XP and Windows .NET, SQL Server, Exchange Server, ISA Server, BizTalk Server, Commerce Server, Application Center Server, SharePoint Portal Server, Visio and more. This—along with the SDK, MSDN Library, access to special newsgroups and other special offers—is something no serious Windows security researcher can afford to do without. As an added benefit, my production machines remain production machines. I can set up the test network of my dreams for one small software cost.

About the Author

Roberta Bragg, MCSE: Security, CISSP, Security+, and Microsoft MVP is a Redmond contributing editor and the owner of Have Computer Will Travel Inc., an independent firm specializing in information security and operating systems. She's series editor for Osborne/McGraw-Hill's Hardening series, books that instruct you on how to secure your networks before you are hacked, and author of the first book in the series, Hardening Windows Systems.

comments powered by Disqus

Reader Comments:

Fri, Apr 23, 2004 Anonymous Anonymous

Seems quite good. Does not seem to be doing anything fishy (like backdoors, etc..)

Cleanly uninstalls. Too costly.

Sun, Dec 21, 2003 Anonymous Anonymous


Mon, Oct 20, 2003 Anonymous Anonymous

Wicked auditing tool.

Sat, Oct 18, 2003 yasser egypt


Thu, Oct 9, 2003 ximi norway


Wed, Sep 10, 2003 David N Washington, MO

Not a bad audit tool. I cracked 60% of the passwords on the network with the trial version. I purchased LC4 the same day. need to crack a local account in which a vendor purchase implementation did not supply or document.

Tue, Jul 29, 2003 Anonymous Anonymous

Best NT Audit Tool ever!!!

Sun, May 18, 2003 Ocean Anonymous

Look at the program SAMInside v2.1. It can break SYSKEY and has brute-force speed 3 times faster than LC4!!!

Wed, Apr 23, 2003 President Bush Washington

Now see here kids, this is the kind a program that hackers use to steal passwords. Dont use it, see. It sucks, see.

Thank You very much america, see
Your man, the president

Tue, Apr 8, 2003 Anonymous Anonymous

It has Spyware... I just found out....

Mon, Apr 7, 2003 Anonymous Anonymous

The fastes nthash cracker is the best

Fri, Mar 7, 2003 Condums on head! Jizzboro

It did not guess my password! (My pass is "penis")


Thu, Mar 6, 2003 kemo hgh


Sat, Feb 15, 2003 yarco Anonymous

it doesnt work when u are logged as user, u need admin privilages for all this to work (:

Thu, Jan 23, 2003 Leo Ostenfeld

L0pht crack is the best auditing tool I've ever seen, the brute force is superfast... This atsteak from Hax0r island is a stupid guy, LC4 is very easy to use and works even with win2k passwords (in brute force mode)...

Thu, Dec 26, 2002 atsteak Hax0r Island

Written by a bunch of no good hackers. How can you trust them? LC4 won't go on my network I don't care how legit they appear.

Mon, Dec 23, 2002 Emmanuel Hellas

No comments

Fri, Dec 20, 2002 CyberDarK BRAZIL

This is truth program

Thu, Dec 19, 2002 Anonymous Anonymous

L0phtcrack is and has been a proven tool for auditing passwords. Another great tool is the Linux based boot disk that allows even W2k Server SYSKEY encoded passwords to be reset without knowing a single password on the system. (Link can be found from @stake's web pages)

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.