Three years after Symantec pulled the plug on L0phtcrack, the tool for auditing and cracking windows passwords is back. It was pulled from the market in late 2005 shortly after Symantec acquired @stake, @stake took control of the rights a year or so earlier when it merged with L0pht. With a price starting at $295, will it live up to it’s name when the market has many freeware options to choose from?

L0phtcrack team member Christien Rioux says the features such as scheduling and a dashboard that simplifies the process of disabling users with weak passwords makes the program stand out. “There are a number of enterprise administrative features that make the product worth it for organizations that are doing this on a regular basis,” he said. “It’s been a very long time that this has been out there. The benefit is that we’ve had the opportunity to interact and fix [customer] issues and take [in] their concerns.”

The $295 Professional versions includes:

• Password assessment
• Password recovery
• Dictionary support
• Hybrid support
• Brute force support
• International character support
• Wizard-based GUI
• Password quality scoring
• Remediation
• Windows & Unix support
• Executive reporting
• Remote system scans
• 500 User Accounts (Professional Version)

Chalk up another $300 for the admin version and it gives you support for

• Unlimited accounts
• Pre-computed hash (rainbow) table support
• Assessment scheduling

http://www.l0phtcrack.com