MD5 is an industry-standard hashing algorithm that is used by Cisco devices to protect passwords. Cisco MD5 Password Auditor helps auditors, network administrators, and IT security consultants enforce a strict password policy by identifying weak passwords on Cisco devices. It is a password recovery tool for IT security and auditing professionals, which can be used to recover a password from its MD5 hash.
Cisco MD5 Password Auditor has a feature-rich user interface that allows you to use its functionality with maximum efficiency. The user needs to provide the Cisco MD5 hash, also known as the enable secret password. It can be retrieved from the running configuration by running the “show running” command at privilege level, or from the startup configuration by running the “show startup” command at privilege level. Copy the hash, for example 5$1$mFuV$UK9NW3fMHJlDprw1usQqk0, remove the 5 from it, and paste it in the encrypted password box. Cisco MD5 Password Auditor’s password recovery engine is fully configurable and can be adjusted according to the recovery options needed. Secure Cisco MD5 Password Auditor provides a number of tools to recover the password. These options include Brute Force Attack, Dictionary Attack and Hybrid Attack. This allows administrators to either recover the password or test its strength against an organizational policy through comprehensive auditing.
Cisco MD5 Password Auditor is compatible with all Cisco devices that use the MD5 hashing algorithm. If you are using Cisco Type 7 passwords, you should use the Cisco Type 7 Password Decryption utility from Secure Bytes. Cisco MD5 Password Auditor also helps in achieving strengthened governance and regulatory compliance with standards such as the Sarbanes-Oxley Act (SOX) (USA), HIPAA (USA), GLBA (USA), FISMA (USA), Data Protection (EU, UK, Canadian), J-SOX (Japan), LSF (France) and PCI/DSS, and with security frameworks such as ISO 27001, COBIT or NIST.
The best way to discover weak passwords is through audits on a regular basis.
The following are some examples of weak passwords:
- Default passwords such as those used in most software applications (cisco, admin, cmaker etc.).
- Popular passwords (qwerty, 123456, password, letmein, abc123, monkey etc.).
- Repeated combinations of symbols (aabbcc, 123123, aaaa, 7777777 etc.).
- Inversion of common words (drowssap, nimda etc.).
- Passwords coinciding with user name or its variations.
- Short passwords having up to 7 symbols, which can be found with a brute force attack.
- Passwords derived from common words or word combinations that can quickly be discovered with a dictionary attack.
- Passwords based on personal data.
- Passwords based on user characteristics.
- Passwords based on modified versions of older passwords.
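The categories above that can be judged from the candidate string and the user name alone can be enforced when a password is set. The following check is an added example, not part of Cisco MD5 Password Auditor; the function name is hypothetical and the word lists are constructed from the examples in the list above.

```python
import re

# Constructed word lists, taken from the examples in the list above.
# A real policy check would load a much larger dictionary.
DEFAULTS = {"cisco", "admin", "cmaker"}
POPULAR = {"qwerty", "123456", "password", "letmein", "abc123", "monkey"}
COMMON = DEFAULTS | POPULAR


def weak_password_reasons(password, username=""):
    """Return the weak-password categories a candidate falls into."""
    p = password.lower()
    reasons = []
    if p in DEFAULTS:
        reasons.append("default")
    if p in POPULAR:
        reasons.append("popular")
    # Inversion of a common word: drowssap, nimda
    if p[::-1] in COMMON and p not in COMMON:
        reasons.append("inverted common word")
    # One unit of 1-3 symbols repeated to the end: aaaa, 123123, 7777777
    if re.fullmatch(r"(.{1,3})\1+", p):
        reasons.append("repeated combination")
    # Every symbol doubled: aabbcc
    elif re.fullmatch(r"(?:(.)\1)+", p):
        reasons.append("repeated combination")
    # User name, or its reverse, embedded in the password
    u = username.lower()
    if u and (u in p or u[::-1] in p):
        reasons.append("matches user name")
    if len(password) <= 7:
        reasons.append("short (7 symbols or fewer)")
    # Common word with digits or punctuation added at either end
    stripped = re.sub(r"^[\d\W_]+|[\d\W_]+$", "", p)
    if stripped != p and stripped in COMMON:
        reasons.append("derived from common word")
    return reasons


if __name__ == "__main__":
    # Constructed sample candidates as (password, user name)
    for pw, user in [("cisco", ""), ("drowssap", ""), ("aabbcc", ""),
                     ("Password123!", ""), ("jsmith2024", "jsmith"),
                     ("T7#vq9Lm!x2Rw", "admin")]:
        print(f"{pw!r}: {weak_password_reasons(pw, user) or 'no findings'}")
```

Passwords based on personal data, user characteristics or older passwords need extra input (a user profile, password history) and are not covered by this check.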
Key Features and Benefits:
- Determines how secure your corporate network is.
- Determines how effectively IT policy, procedures and IT controls are implemented.
- Tests the strength of passwords which are protecting routers and switches.
- Recovers Cisco enable secret passwords.
- Helps in achieving Regulatory Compliance.
- Performs brute force and hybrid attacks.