John the Ripper Pro password cracker
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords, although Windows LM hashes and a number of other password hash types are supported as well. John the Ripper is free and Open Source software, distributed primarily in source code form.
John the Ripper Pro builds upon the free John the Ripper to deliver a commercial product better tailored for specific operating systems. It is distributed primarily in the form of "native" packages for the target operating systems.
John the Ripper Pro is currently available for Linux on x86 and x86-64 (x64) systems, with support for the latest Intel and AMD processor features such as SSE2, and for Mac OS X on both Intel and PowerPC Macs, making use of SSE2 and AltiVec acceleration, respectively.
Proceed to John the Ripper Pro homepage for your OS:
Support for certain other operating systems and processor architectures is planned. If your OS is not supported yet, please use the Quick Comment field at the bottom of this web page to request support for your OS; be sure to explicitly indicate your interest in purchasing a copy and license, and provide your e-mail address and desired price. Please note that support for a new OS in Pro versions of John the Ripper may only be added in response to commercial demand. Meanwhile, feel free to explore the cross-platform and free version of John the Ripper.
John the Ripper Pro currently supports the following password hash types (and more are planned):
You may browse the generic documentation for John the Ripper online. Also relevant is our presentation on the history of password security.
There's a mailing list where you can share your experience with John the Ripper and ask questions. Please be sure to specify an informative message subject whenever you post to the list (that is, something better than "question" or "problem"). To subscribe, send an empty message to <john-users-subscribe at lists.openwall.com> or enter your e-mail address below. You will be required to confirm your subscription by "replying" to the automated confirmation request that will be sent to you. You will be able to unsubscribe at any time and we will not use your e-mail address for any other purposes or share it with a third party. The list archives are available on MARC and Gmane, as well as locally.
There's a proactive password strength checking module for PAM-aware password changing programs, which can be used to prevent your users from choosing passwords that would be easily cracked with programs like John.
We may help you integrate proactive password strength checking with pam_passwdqc into your OS installs, please check out our services.
Came here looking for password recovery for popular file formats (such as Word, Excel, or PDF documents, or ZIP archives) rather than ways to detect weak OS passwords? You'll find that kind of software at ElcomSoft and also in the collection of pointers to password recovery resources available locally.