hybrid

Secure Bytes Inc.
   
Home Contact Contact Register Faqs Login twitter   Facebook
Purchase onlineSecure Bytes Support Center

Content on this page requires a newer version of Adobe Flash Player.

Get Adobe Flash player

MSSQL PASSWORD AUDITOR

horz_line

MSSQL Password Auditor helps security auditors & database administrators to perform password audit and password recovery of SQL passwords using hash algorithm. It is also a password analyzing tool which uses dictionary attacks, brute force attacks and hybrid attacks to audit weaknesses in the database password policy which will also help in preventing username password hacking & cracking.

This assists to enforce stringent policies by identifying weak and default passwords in the MSSQL database. Weak passwords have been cited by experts from SANS, industry, government, and academia as one of the most critical security threats to computer networks

MSSQL Password Auditor is a password strength analyzer that proactively identifies the strength of a password against an intrusion attempt. It also checks for defaults password that are not changed on MSSQL database servers because all default passwords are security threat for the confidentiality, integrity and availability of data. It also provides options like dictionary attacks, brute force attacks and hybrid attacks to audit the weaknesses in enforced password security policy. MSSQL Password Auditor also has the ability to present all cracked passwords in the form of a vulnerability report so



that it complies with a defined controls and organizational security policy. Password recovery and Password audit becomes extremely easy with MSSQL Password Auditor because It automatically retrieves password hashes from sysxlogins table from Microsoft SQL Server 7 and Microsoft SQL Server 2000 and it also retrieves password hashes from sys.sql_logins table from Microsoft SQL Server 2005 and Microsoft SQL Server 2008 and it allows auditors, database administrators, and security administrators to either password recovery or test the strength of the sql password according to an organization policy through comprehensive auditing.

MSSQL Password Auditor is compatible with Microsoft SQL Server 7 / Microsoft SQL Server 2000 / Microsoft SQL Server 2005 / Microsoft SQL Server 2008. It also facilitates in achieving strengthened governance and Regulatory Compliance standards like Sarbanes-Oxley Act (SOX) (USA) , Health Insurance Portability and Accountability Act (HIPAA) (USA) , Gramm-Leach-Bliley Act (GLBA) (USA) Federal Information Security Management Act (FISMA) (USA) , Data Protection (EU, UK, Canadian) J-SOX (Japan), LSF (France), Payment Card Industry Data Security Standard (PCI/DSS), security frameworks such as ISO 27001, and COBIT or NIST.

MSSQL Password Auditor

Following are some examples of weak SQL server passwords:
  1. Default database passwords such as those used in most software applications (SAP, symbol, weblogic etc)
  2. Popular MSSQL passwords (qwerty, 123456, password, letmein, abc123, monkey etc.).
  3. Repeated combinations of symbols (aabbcc, 123123, aaaa, 7777777 etc.).
  4. Inversion of common words (drowssap, nimda etc.).
  5. SQL Passwords coinciding with user name or its variations.
  6. Short database passwords having up to 7 symbols, which can be found with brute force attack.
  7. MSSQL Passwords derived from common words or word combinations that can quickly be discovered with a dictionary attack.
  8. SQL server Passwords based on personal data.
  9. Database Passwords based on user characteristics.
  10. SQL Passwords based on modified version of older passwords.
The best way to discover weak passwords is through password audits on a regular basis. Key Features and Benefits:
  • Determines how secure are your corporate database server.
  • Tests the strength of database passwords which protects user accounts.
  • Account Password Recovery.
  • Helps in achieving Regulatory Compliance.
  • Performs brute force and hybrid attacks.

Overall the MSSQL password auditor is a comprehensive password analyzing tool which carries out password audit and quick password recovery for SQL passwords which use hash algorithm. It uses dictionary attacks, brute force attacks and hybrid attacks to audit weaknesses in the database password policy which will also help in preventing username password hacking & cracking.

For all Secure Auditor™ tools click here    -    For more details on Secure SQL Auditor™ click here

horz_line
 
Company Services Products Support Links
Home
About Us
Resources
Download Trial
Careers
Blog
Contact Us
Security Auditing
Security Assessment
Network Designing
System Hardening
Policy Development
Penetration Testing
Technical Training
Secure Auditor Suite
Secure Oracle Auditor
Secure Windows Auditor
Secure Cisco Auditor
Secure SQL Auditor
Support Center
Knowledge Base
F.A.Q.
Submit Link
Link Directory
Links
Information Security Software  |  Information Technology (IT) Control  |  Penetration Testing Tools  |  Risk Management Utilities  |  System Auditing   |    Secure Auditor Utilities   |  Forensics Utilities  |  Database Security  |  Vulnerability Scanners  |  Database Auditing Tools   |  Security Auditing Tools     Risk Management Solution  | Security Access Control (SAC)  |  Audit Checklist   |  Network Security Vulnerability  |  Vulnerability Management  |   Regulatory Compliance  |  Information Security Management System
Copyright © 2004 - 2010 Secure Bytes Inc. All rights reserved
Disclamer | Terms & Conditions