A password audit examines the security of passwords in a company. This concerns the complexity of Active Directory passwords for users and service accounts, the secure storage of passwords, the default passwords used, and multi-factor authentication (MFA).
If the following questions are still open in your company, a password audit is recommended:
The purpose of the scoping meeting is to define the goals of the password audit and to transfer sufficient knowledge about the authentications used so that the offer can then be created on this basis. The questions mostly revolve around the password policy and established measures and mechanisms for secure passwords and MFA.
The offer is prepared on the basis of the scoping meeting. In addition to the objectives, methods, price and general conditions, it also contains a suggested timeframe for execution. Of course, nothing is set in stone and the offer will be adapted to your needs. In principle, we always charge according to the actual effort involved.
A meeting is held with the responsible persons to discuss access to the various data and systems and the secure storage and transfer of the test objects.
The complexity of passwords and whether they could be cracked by an attacker can be determined with the help of cracking. This is the same method used by attackers. For this purpose, a list of hashes is securely transmitted and a lot of computing power is used to try to crack them.
Plain-text passwords can be found in many files such as PowerShell scripts, text or Word documents on local storage or shares. These passwords are readily sought and exploited by attackers. We search for exactly these passwords with the same tools and make sure that they are found and cleaned by us first, before real attackers do so.
Too often, default passwords are used for applications. Such passwords are easy to find out, even for an attacker, and access to the applications can be gained. We examine applications for the use of known default passwords.
Where is multi-factor authentication already in use? Where could it still be implemented? How secure is it implemented? These points are looked at in this check.
The results are summarized and evaluated. Statistics are compiled for the various audits and suggestions for improvement are given. In this way, the problems can be addressed at the source and eliminated sustainably.
All results are submitted in a final report (PDF, Excel and JSON) and made available via the Mesher platform. This is where the real work begins. Cybersecurity can only be increased if measures are also implemented. Therefore, it is a key concern for us that the findings from the tests arrive at the right place in the right format and that media breaks are eliminated.
Via Mesher, your current security level is recorded and you can view the return on investment for the various measures. All results are also visualized here and can be linked to existing tools thanks to integrations. With the platform, technical measures can be assigned directly with tasks to the appropriate people and agile work without media breaks is enabled.
