For the best user experience please upgrade your browser

Papa – PTP Proactive Advanced Password Auditor

Papa, the PTP Proactive Advanced Password Auditor, is a password cracking and auditing service.

Attackers often exploit weak passwords and attempt to crack hashes to gain further access to a network, so Papa allows system administrators to proactively stay one step ahead and ensure that weak passwords are not an effective attack vector.

What is Papa?

Papa is a tool designed to help you identify users with weak passwords.

It extracts the encrypted hashes from the domain and sends them, over a secure connection, to our dedicated password cracking servers.

All cracked passwords are then returned to the Papa tool where administrators can get detailed information about the domain as a whole and perform trend analysis to view the impact of password policy changes.

 

Why use the Papa password auditing service?

  • Papa allows organisations to quickly and easily conduct password auditing on their domain and identify where weak passwords are in use.
  • It extracts hashes from the domain controller, and securely sends only the hashes to our servers for cracking. No user or company information is transmitted ensuring maximum confidentiality.
  • It’s very easy to use – one button and the hashes are extracted and sent to our servers for cracking.
  • Papa keeps a snapshot of the passwords retrieved so that organisations can identify trends in weak password use, and the effect of password policies as they are introduced.
  • Papa is password protected, and all sensitive information is stored in a locally-encrypted database.
  • Papa uses dedicated password cracking servers with cutting edge GPUs to maximise cracking speed.

Demo video

What our customers say

“Papa has given us a massive step change in our understanding of password strength across our organisation and empowered us to educate and protect our users in new ways”
Head of IT Operations and Security, Genting Casinos

“An amazing, lightweight and easy to use tool which I would recommend to all IT departments.”
Group IT Infrastructure Manager, nGAGE Recruitment

“The results from Papa were a real eye opener. It has enabled us to audit and take action to remove weak AD passwords.”
Cyber security professional

Password advice

Once people see the power of Papa they often ask for advice, so we wrote a blog post about password policy and guidance. We’re also happy to provide bespoke consultancy to help you improve your password hygiene.
https://www.pentestpartners.com/security-blog/password-policy-guidance/

This post gives insight into some of the attack techniques that Papa was developed to help prevent. Three Random Word passwords is a commonly suggested (but weak) approach, so we wanted to make sure that Papa was able to crack these too!
https://www.pentestpartners.com/security-blog/three-word-passwords/

More Papa info

Get in touch to find out more.