7MS #304: Integrating Pwned Passwords with Active Directory
7 Minute Security5 Apr 2018

7MS #304: Integrating Pwned Passwords with Active Directory

I've been super pumped about Troy Hunt's Pwned Passwords project ever since it came out - especially when I saw a tweet about using it in Active Directory so that enterprises could essentially stop people from picking previously pwned passwords! That led me to explore the following two solutions:

Pwned Passwords DLL

This blog entry has everything you need to get started with this GitHub project. If you've got some coding skillz you can probably give everything a quick read and have the DLL installed and running in no time. If you're like me and have little to zero Visual Studio experience, head to my BPATTY site page about Pwned Passwords where I've laid everything out step-by-step!

Bottom line is this is a FREE way to check AD passwords against Troy's list of 500M+ previously pwned passwords. Awesome dude!

SafePass.me

I gave this commercial solution a demo and it worked fine as well. It's about $700 USD and comes packaged in an .MSI file that you simply double-click to install, then reboot the domain controller(s). It looks to do the exact same thing as Pwned Passwords DLL but without having to build a DLL or install it manually.

Avsnitt(690)

7MS #42: Vulnerability Scans vs. Pentests (audio)

7MS #42: Vulnerability Scans vs. Pentests (audio)

I think everybody throws around the terms “vulnerability scans” and “pentests” and they mean completely different things from one person to the next. In this episode I try to clarify the differences and distinctions (in my mind, anyways). 7MS #42: Vulnerability Scans vs. Pentests (audio)

14 Feb 20157min

7MS #41: OSCP – Part 7 (audio)

7MS #41: OSCP – Part 7 (audio)

Tried of talking about OSCP yet? Me neither! 7MS #41: OSCP – Part 7 (audio)

6 Feb 20156min

7MS #40: OSCP – Part 6 (audio)

7MS #40: OSCP – Part 6 (audio)

PART SIX of a mind-bending series all about OSCP! 7MS #40: OSCP – Part 6 (audio)

31 Jan 20157min

7MS #39: Infosec on the Disney Boat (audio)

7MS #39: Infosec on the Disney Boat (audio)

I took a Disney cruise with my family recently, and one particular aspect of the trip gave me the Big Brother heebie-jeebies. 7MS #39: Infosec on the Disney Boat (audio)

24 Jan 20158min

7MS #38: OFFTOPIC – Health and Infosec (audio)

7MS #38: OFFTOPIC – Health and Infosec (audio)

Every once in a while I thought it would be fun to go slightly off topic and talk about other stuff I’m interested in. This episode kind of has a tech twist though. I talk about how I use my iPhone and a few apps to stay at least a little bit in shape. 7MS…

17 Jan 20157min

7MS #37: Keimpx (audio)

7MS #37: Keimpx (audio)

Ever wanted to pass hashes a whole network at a time? Check out this episode, where I talk about one of my fav new tools called Keipmx. 7MS #37: Keimpx (audio)

10 Jan 20157min

7MS #36: OSCP – Part 5 (audio)

7MS #36: OSCP – Part 5 (audio)

More talk about OSCP goodness. Download: 7MS #36: OSCP – Part 5 (audio)

3 Jan 20157min

7MS #35: OSCP – Part 4 (audio)

7MS #35: OSCP – Part 4 (audio)

This is the 4th thrilling installment in our exciting series about the awesome, challenging, rage-inducing, but ultimately rewarding training and certification called OSCP. Download: 7MS #35: OSCP – Part 4 (audio)

27 Dec 20146min

Populärt inom Politik & nyheter

svenska-fall
p3-krim
rss-krimstad
rss-viva-fotboll
flashback-forever
fordomspodden
rss-sanning-konsekvens
rss-vad-fan-hande
aftonbladet-daily
olyckan-inifran
dagens-eko
rss-frandfors-horna
motiv
svd-dokumentara-berattelser-2
rss-krimreportrarna
krimmagasinet
svd-nyhetsartiklar
blenda-2
spotlight
rss-svalan-krim