Jackson

Breached password detection with Azure AD

Posted on February 4, 2019 by Jackson

Combine on-premises breached password reset detection with your cloud environment!

Pwned Passwords and NTLM Hashes!

Posted on August 29, 2018 by Jackson

Introduction Yep, another Pwned Passwords post! This one brings the total to 3, and it now makes up the entirety of my posts here. A couple of days ago, Troy Hunt released support for NTLM hashes for his Pwned Passwords dataset. This is really cool because it allows us to check live Active Directory hashes… Continue reading “Pwned Passwords and NTLM Hashes!” →

Checking for Breached Passwords in Active Directory – Using k-Anonymity!

Posted on February 25, 2018 by Jackson

I’d like to preface this post by saying that I 100% understand concerns about using an external API, even when sending it just a small amount of unusable information. The possibility of compromise and subsequent infection on Domain Controllers is a true security risk and it is totally acceptable to not want to take that… Continue reading “Checking for Breached Passwords in Active Directory – Using k-Anonymity!” →

Checking for Breached Passwords in Active Directory

Posted on August 14, 2017 by Jackson

Edit: I have now overhauled the blog post and essentially recreated PwnedPasswordsDLL to run on-premises, and return results very quickly. Information regarding set-up and the new release can be found below. Changes have now been pushed to GitHub and are available for use. Introduction – In simplistic terms, PwnedPasswordsDLL will check a requested Active Direvtory… Continue reading “Checking for Breached Passwords in Active Directory” →