Combine on-premises breached password reset detection with your cloud environment!
Introduction – Yep, another Pwned Passwords post! This one brings the total to 3, and it now makes up the entirety of my posts here. A couple of days ago, Troy Hunt released support for NTLM hashes for his Pwned Passwords dataset. This is really cool because it allows us to check live Active Directory hashes… Continue reading “Pwned Passwords and NTLM Hashes!”
I’d like to preface this post by saying that I 100% understand concerns about using an external API, even when sending it just a small amount of unusable information. The possibility of compromise and subsequent infection on Domain Controllers is a true security risk and it is totally acceptable to not want to take that… Continue reading “Checking for Breached Passwords in Active Directory – Using k-Anonymity!”
Edit: I have now overhauled the blog post and essentially recreated PwnedPasswordsDLL to run on-premises, and return results very quickly. Information regarding set-up and the new release can be found below. Changes have now been pushed to GitHub and are available for use. Introduction – In simplistic terms, PwnedPasswordsDLL will check a requested Active Directory… Continue reading “Checking for Breached Passwords in Active Directory”