Password auditing and recovery software L0phtCrack has been acquired by Terahash LLC for an undisclosed sum.
L0phtCrack is used to test password strength and sometimes to recover lost Microsoft Windows passwords by using dictionary, brute-force, hybrid attacks, and rainbow tables. It was originally produced by Mudge from L0pht Heavy Industries.
The software was created 23 years ago and holds the distinction of being the world’s first commercially available password auditing solution. Since its launch, L0phtCrack has been downloaded 236,498 times by customers across the finance, healthcare, medical, and retail industries and by government organizations.
While alternatives to passwords have grown in recent years, L0phtCrack’s former head of engineering Christien Rioux said that they are still relevant to modern cybersecurity.
“Experts have called for the death of passwords for decades, but they are still in use for practically every operating system and application: web, mobile, and desktop," said Rioux.
And while passwords remain in use, the need for password auditing and recovery software is clear.
Rioux said: "Guessable, stuffable, and brute-forceable passwords are a top security risk today. You need password auditing, or you have a gaping security hole."
L0phtCrack is currently in its seventh incarnation. Terahash plans to begin work on L0phtCrack 8 immediately, with the eventual goal of integrating L0phtCrack with its own Hashstack software.
According to Terahash, the combination of L0phtCrack software and Terahash hardware appliances is positioned to address the needs of red, blue, and purple teams, penetration testers, compliance auditors, information security professionals, and IT administrators. It will also make for a more user-friendly experience for Hashstack's customers.
“While our own Hashstack software is incredibly powerful and robust, user-friendliness is one area where we have admittedly been lacking. L0phtCrack has excellent usability by both security professionals and IT administrators, and this acquisition helps fill a noticeable gap in our offering,” said Jeremi Gosney, founder & CEO at Terahash.
“L0phtCrack has a large, dedicated user base with a broad reach across IT departments in many industry verticals, and is a name that every security professional knows and trusts. We look forward to developing the L0phtCrack code base, integrating it with our existing products, and introducing new products optimized for L0phtCrack.”