Password Audit

A password audit examines how securely passwords are handled in a company. It covers the strength of the Active Directory passwords of users and service accounts, the secure storage of passwords, the use of default passwords, and multi-factor authentication (MFA).

If the following questions are still open in your company, a password audit is recommended:

  • Are there easy-to-crack passwords in our company?
  • Are passwords stored insecurely, for example in text files or Word documents?
  • Are our employees trained in the correct handling of passwords?
  • What can an attacker do to our company with insecure passwords?

Process

Scoping

Goal and scope

The purpose of the scoping meeting is to define the goals of the password audit and to gather enough knowledge about the authentication mechanisms in use for the offer to be prepared on that basis. The questions mostly concern the password policy and the measures and mechanisms already established for secure passwords and MFA.


Offer

Agreement

The offer is prepared on the basis of the scoping meeting. In addition to the objectives, methods, price and general conditions, it also contains a proposed timeframe for the execution. Nothing is set in stone: the offer is adapted to your needs, and we always charge according to the actual effort involved.

Kick-Off

System Overview

A meeting is held with the responsible persons to agree on access to the relevant data and systems and on how the test objects (for example the exported password hashes) are stored and transferred securely.

Cracking

Password Security

Whether passwords are strong enough, and whether an attacker could crack them, is determined by cracking them ourselves. This is the same method attackers use: a list of password hashes is transmitted to us over a secure channel and substantial computing power is used to attempt to crack them. The hash list itself is sensitive material and is handled, stored and destroyed accordingly.


Search

Password storing

Plain-text passwords are found in many files, such as PowerShell scripts, text files or Word documents, on local drives or on network shares. Attackers look for exactly these passwords and use them readily. We search for them with the same tools, so that they are found and removed before a real attacker gets to them.
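As an added illustration of that search (written for this page, not the auditor's own tooling), the following scanner walks a directory tree, applies a handful of rules for the patterns in which passwords typically appear in scripts, configuration files and notes, and reports findings with the secret masked. The rules, file names and file contents are constructed for the example; a real scan of file servers uses a much larger rule set.

```python
"""Added example: scanner for plain-text passwords in scripts and documents.
Rules and sample files are constructed for this example."""
import re
import tempfile
from pathlib import Path

# Constructed rule set. The first matching rule per line wins, so the more
# specific patterns are listed first.
PATTERNS = [
    ("powershell_plaintext",
     re.compile(r"ConvertTo-SecureString\s+(['\"])(?P<secret>[^'\"]+)\1\s+-AsPlainText", re.I)),
    ("net_use",
     re.compile(r"\bnet\s+use\s+(?:\S+\s+){1,2}(?P<secret>\S+)\s+/user:", re.I)),
    ("connection_string",
     re.compile(r"Password=(?P<secret>[^;\"'\s]+)", re.I)),
    ("assignment",
     re.compile(r"(?:passw(?:or)?d|pwd|secret)\s*[=:]\s*['\"]?(?P<secret>[^'\"\s;]{4,})", re.I)),
]
SCAN_SUFFIXES = {".ps1", ".bat", ".cmd", ".vbs", ".txt", ".ini", ".config", ".xml", ".py", ".sh"}

# Constructed sample files standing in for what is typically found on shares.
SAMPLE_FILES = {
    "backup.ps1": "$sec = ConvertTo-SecureString 'Backup#2021' -AsPlainText -Force\n"
                  "$cred = New-Object PSCredential('CORP\\svc_backup', $sec)\n",
    "mount.bat": "net use Z: \\\\fs01\\share Summer2023! /user:CORP\\alice\n",
    "notes.txt": "Shared admin login\nuser: administrator\npassword: Winter2023!\n",
    "web.config": '<add name="hr" connectionString="Server=sql01;Database=hr;'
                  'User Id=sa;Password=sa2019;" />\n',
    "policy.txt": "Passwords must be changed every 90 days.\n",  # must not fire
}


def mask(secret: str) -> str:
    """Never write the recovered secret itself into a report."""
    return secret[:2] + "*" * (len(secret) - 2)


def scan_text(text: str, path: str = "<memory>"):
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        for rule, rx in PATTERNS:
            m = rx.search(line)
            if m:
                findings.append({"path": path, "line": no, "rule": rule,
                                 "secret": mask(m.group("secret"))})
                break
    return findings


def scan_tree(root) -> list:
    """Scan every file with a relevant suffix below root, in a stable order."""
    root = Path(root)
    findings = []
    for p in sorted(root.rglob("*")):
        if p.is_file() and p.suffix.lower() in SCAN_SUFFIXES:
            try:
                text = p.read_text(errors="replace")
            except OSError:
                continue  # unreadable file: skip, a real tool would log it
            findings.extend(scan_text(text, str(p.relative_to(root))))
    return findings


def demo():
    """Write the constructed sample files to a temporary directory and scan them."""
    with tempfile.TemporaryDirectory() as d:
        for name, content in SAMPLE_FILES.items():
            Path(d, name).write_text(content)
        return scan_tree(d)


if __name__ == "__main__":
    for f in demo():
        print(f"{f['path']}:{f['line']} [{f['rule']}] {f['secret']}")
```

The masked output is what belongs in the report; the finding is the location, and the remediation is to move the credential into a proper secret store and rotate it, since a password that has sat in a readable file must be assumed compromised.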

Default

Default Credentials

Too often, applications are left running with their default passwords. Such passwords are easy to look up, for attackers too, and give direct access to the applications. We examine applications for the use of known default passwords.


MFA

Multi-factor authentication

Where is multi-factor authentication already in use? Where could it still be introduced? How securely is it implemented? These questions are examined in this check.

Report

Report writing

The results are summarized and evaluated. Statistics are compiled for the individual checks and suggestions for improvement are given, so that the problems can be addressed at their source and resolved for good.


Deliverables

All results are delivered in a final report (PDF, Excel and JSON) and made available via the Mesher platform. This is where the real work begins: security only improves if the measures are actually implemented. It is therefore a key concern for us that the findings reach the right people in the right format, without information being lost between tools and documents.

PDF

The final report in PDF format contains an introductory section, an executive summary, tools and methods, test details, positive aspects and passed requirements, and the results and measures with detailed description, categorization and prioritization.

EXCEL

The Excel file contains all results and measures with detailed description, categorization and prioritization. Thanks to the editable format, this list is suitable for further processing of the results, and additional information can easily be added.

JSON

The JSON file contains all results and measures with detailed description, categorization and prioritization. JSON is the most common format for automated further processing and can usually be fed into existing tools with little effort.

Mesher

In Mesher, your current security level is recorded and you can see the return on investment of the various measures. All results are visualized there and can be connected to existing tools through integrations. Technical measures can be assigned directly as tasks to the appropriate people, which enables agile work without switching between tools.

More about the Mesher platform