in the news

& patches


questions or


l0phtCrack, l0pht, their
likeness, and these pages
copyright © 1999
L0pht Heavy Industries, Inc.
all rights reserved


L0phtCrack 2.52 for Win95/NT is here!

PLEASE NOTE (12/18/99): L0phtCrack is erroneously flagged as a virus or trojan by several virus scanners. There is no virus or trojan code in the L0phtCrack distribution file on this site. It is safe to use. Please contact your individual Antivirus vendor to report the problem.


L0phtCrack is now listed as part of the NT FAQ in the Password Security section.

L0phtCrack receives the NTools E-News Target Award for the 1999 Product of the Year in the Security Catagory.

L0phtCrack receives the InfoWorld Golden Guardian Award for 1998

L0phtCrack has been downloaded over 500,000 times! The NT IT community has embraced L0phtCrack as the password auditing tool of choice. Now we've released L0phtCrack 2.5 to raise the bar another notch.

Do you know your NT password policy is secure?

L0phtCrack 2.5 is your wake-up call. We recently performed an audit of a large high technology company. Here is what we found.

  • L0phtCrack 2.5 cracked 90% of the passwords in under 48 hours on a Pentium II/300.

  • 18% of the passwords were cracked in under 10 minutes.

  • The Administrator and most of the Domain Admin passwords were cracked.

  • This company had a policy requiring passwords longer than 8 characters with at least one upper case character plus a numeric or symbol character.

You might think your password policy is strong, but you'll never know until you put it to the test. Download L0phtCrack 2.5 now and give it a try. You might just surprise yourself.

release 2.5 new features
  • Major speed increase. The DES routines have been highly optimized in assembler for Pentium, Pentium MMX, Pentium Pro, and Pentium II specific processors. This results in a 450% speed increase. All alphanumeric passwords can be found in under 24 hours on a Pentium II/450.

  • New hybrid cracking method combines the best qualities of dictionary cracking with that of brute force cracking. Passwords that are dictionary words which have numbers and symbols appended to them are found in minutes.

  • SMB Packet Capture is built into the L0phtCrack graphical interface. Choose a menu item and start collecting LANMAN password hashes as they travel over the network.

  • The SMB Packet Capture now works on Win95/98 machines.

  • Custom character sets for brute forcing are supported with an easy UI to set them.

  • More accurate cracking status is displayed. This includes the number and percentage of cracked passwords and the key rate of the crack attempts


Benchmark Results

Test: Brute Force crack
Machine: Quad Xeon 400 Mhz

Character SetTime
Alpha-Numeric 5.5 Hours
Alpha-Numeric-Some Symbols 45 Hours
Alpha-Numeric-All Symbols 480 Hours

L0phtCrack 2.5 has a free trial download

L0phtCrack was originally envisioned as an experimental research tool. Many system administrators, security auditors, and tiger teams have asked for specific features to make L0phtCrack a more powerful and easier to use tool. We have decided to give L0phtCrack the quality and feature set needed by computer security professionals and distribute it with a free trial.

The trial period is 15 days, after which the product must be registered for $100. A command-line, stripped down version of the program is available for free with source code.


l0phtcrack lophtcrack loftcrack l0pht crack lopht crack loft crack