L0phtCrack

L0phtCrack is a password auditing and recovery application originally produced by Mudge from L0pht Heavy Industries. It is used to test password strength and sometimes to recover lost Microsoft Windows passwords, by using dictionary, brute-force, hybrid attacks, and rainbow tables.

The initial version was released in the Spring of 1997.

The application was produced by @stake after the L0pht merged with @stake in 2000. @stake was then acquired by Symantec in 2004. Symantec later stopped selling this tool to new customers, citing US Government export regulations, and discontinued support in December 2006.

In January 2009, L0phtCrack was acquired by the original authors Zatko, Wysopal, and Rioux from Symantec. L0phtCrack 6 was announced on 11 March 2009 at the SOURCE Boston Conference. L0phtCrack 6 contains support for 64-bit Windows platforms as well as upgraded rainbow tables support. L0phtCrack 7 was released on 30 August 2016, seven years after the previous release. L0phtCrack 7 supports GPU cracking, increasing performance up to 500 times that of previous versions.

On April 21, 2020, Terahash announced it had acquired L0phtCrack. Details of the sale were not released.

On July 1, 2021 L0pht Holdings, LLC repossessed L0phtCrack after Terahash defaulted on its instalment sale loan. The current owners announced that they were exploring open source options for L0phtcrack. Due to commercial libraries existing within the software this may take some time.

On October 17, 2021 L0phtCrack version 7.2.0 was released open-source, with different portions of the software being published under different licenses.