From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
Developer(s)Peiter Zatko (Mudge), Chris Wysopal (Weld Pond), Christien Rioux (DilDog), Rob Cheyne, Ian Melven
Stable release
Operating systemMicrosoft Windows
TypePassword Cracking, Operating System Audit
LicenseA combination of multiple Open Source licenses[1]

L0phtCrack is a password auditing and recovery application originally produced by Mudge from L0pht Heavy Industries. It is used to test password strength and sometimes to recover lost Microsoft Windows passwords, by using dictionary, brute-force, hybrid attacks, and rainbow tables.[2]

The initial version was released in the Spring of 1997.[3]

The application was produced by @stake after the L0pht merged with @stake in 2000. @stake was then acquired by Symantec in 2004.[4] Symantec later stopped selling this tool to new customers, citing US Government export regulations, and discontinued support in December 2006.[2][5]

In January 2009, L0phtCrack was acquired by the original authors Zatko, Wysopal, and Rioux from Symantec. L0phtCrack 6 was announced on 11 March 2009 at the SOURCE Boston Conference.[6] L0phtCrack 6 contains support for 64-bit Windows platforms as well as upgraded rainbow tables support.[7] L0phtCrack 7 was released on 30 August 2016, seven years after the previous release.[8] L0phtCrack 7 supports GPU cracking, increasing performance up to 500 times that of previous versions.[9]

On April 21, 2020 Terahash[10] announced it had acquired L0phtCrack. Details of the sale were not released.

On July 1, 2021 L0pht Holdings, LLC repossessed L0phtCrack after Terahash defaulted on its instalment sale loan. The current owners announced that they were exploring open source options for L0phtcrack. Due to commercial libraries existing within the software this may take some time.[11]

On October 17, 2021 L0phtCrack version 7.2.0 was released open-source, with different portions of the software being published under different licenses.[12][13]


  1. ^ "Tools/Releasetool/Installer/License.TXT · 25f681c07828e5e68e0dd788d84cc13c154aed3d · l0phtcrack / L0phtcrack".
  2. ^ a b "Top 100 Network Security Tools (Page 2/4)". Retrieved 2008-09-18.
  3. ^ Lange, Larry (1997-04-15). "Hackers keep the heat on Windows NT security". eeTimes. Archived from the original on 1998-12-05. Retrieved 2020-09-19.
  4. ^ Fisher, Dennis (2004-09-16). "Symantec Buys Security Consulting Pioneer @stake". eWeek.
  5. ^ Naraine, Ryan (2006-03-08). "Symantec Pulls Plug on L0phtCrack". Retrieved 2008-09-18.
  6. ^ "New version of L0phtcrack to be unveiled next week". Infosecurity Magazine. 2009-03-03. Retrieved 2009-05-29.
  7. ^ Goodin, Dan (2009-05-27). "Seminal password tool rises from Symantec ashes". The Register.
  8. ^ Millman, Rene (1 Sep 2016). "New version of L0phtCrack makes cracking Windows passwords easier than ever". SC Magazine UK.
  9. ^ Fisher, Dennis (2016-08-31). "L0phtCrack 7 Shows Windows Passwords Easier to Crack Now Than 20 Years Ago". onthewire.
  10. ^ "Terahash Acquires L0phtCrack". Archived from the original on 2020-04-21.
  11. ^ "Changes for L0phtCrack". Archived from the original on 2021-09-23.
  12. ^ "Update license and credits (25f681c0) · Commits · l0phtcrack / L0phtcrack".
  13. ^ "Password Auditing Tool L0phtCrack Released as Open Source". Archived from the original on 2021-10-18.

External links[edit]