Harold works for Jacobson Unlimited in the IT department as the security manager. Harold has
created a security policy requiring all employees to use complex 14 character passwords.
Unfortunately, the members of management do not want to have to use such long complicated
passwords so they tell Harold’s boss this new password policy should not apply to them. To
comply with the management’s wishes, the IT department creates another Windows domain and
moves all the management users to that domain. This new domain has a password policy only
requiring 8 characters.
Harold is concerned about having to accommodate the managers, but cannot do anything about it.
Harold is also concerned about using LanManager security on his network instead of NTLM or
NTLMv2, but the many legacy applications on the network prevent using the more secure NTLM
and NTLMv2. Harold pulls the SAM files from the DC’s on the original domain and the new domain
using Pwdump6.
Harold uses the password cracking software John the Ripper to crack users’ passwords to make
sure they are strong enough. Harold expects that the users’ passwords in the original domain will
take much longer to crack than the management’s passwords in the new domain. After running the
software, Harold discovers that the 14 character passwords only took a short time longer to crack
than the 8 character passwords.
Why did the 14 character passwords not take much longer to crack than the 8 character
passwords?
A.
Harold should have used Dumpsec instead of Pwdump6
B.
Harold’s dictionary file was not large enough
C.
Harold should use LC4 instead of John the Ripper
D.
LanManger hashes are broken up into two 7 character fields