Load compromised passwords into the store
Now that we have , we can populate it with compromised passwords and banned words.
Import the PowerShell module and open the store folder
We recommend you synchronize your password store with the using the cmdlet.
If you don't have internet access from the server where the LPP store is being created, you can use the to download the dataset.
If you have other NTLM hash sets you want to import, you can do so. Make sure they are in a text file with one hash per line. Use the cmdlet to import them.
You can also choose to import any plain-text password lists that you have access to. These are imported using the cmdlet.
If you have individual passwords you want to add, you can use the cmdlet.
To test whether a password is in the compromised password store, use the cmdlet. The cmdlet will return true if the password was found in the compromised store.
The password filter can also protect against common substitutions by normalizing incoming passwords and checking them against the banned word store. For example, adding the word lithnet to the banned word store will prevent common variations such as lithnet2018, l1thn3t, and Lithnet! from being used. You can read more about the to understand how this works in more detail. The banned word store contains the list of words you want to prevent passwords from being based on. You can load in common names in your organization, or load in the entire dictionary. The cmdlet is used to import a file of new-line separated words.
To add individual words, use the cmdlet.
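
The normalization idea described above, as an added example that is not part of the original page and not the product's own code. The function names, the substitution map and the exact-match check are assumptions made for this sketch; the product's real rule set may differ.

```powershell
# Added illustration: simplified normalization, not the product's actual rules.
function ConvertTo-NormalizedPassword {
    param([Parameter(Mandatory)][string]$Password)

    # Assumed substitution map, chosen for this example only.
    $substitutions = @{
        '0' = 'o'; '1' = 'i'; '3' = 'e'; '4' = 'a'; '5' = 's'; '7' = 't'
        '@' = 'a'; '$' = 's'; '!' = 'i'
    }

    # 1. Lower-case and remove whitespace.
    $p = $Password.ToLowerInvariant() -replace '\s', ''

    # 2. Strip leading and trailing non-letters ("lithnet2018", "Lithnet!").
    $p = $p -replace '^[^a-z]+', '' -replace '[^a-z]+$', ''

    # 3. Undo character substitutions inside the word ("l1thn3t").
    $chars = foreach ($c in $p.ToCharArray()) {
        $key = [string]$c
        if ($substitutions.ContainsKey($key)) { $substitutions[$key] } else { $key }
    }

    # 4. Drop anything that is still not a letter.
    (-join $chars) -replace '[^a-z]', ''
}

# Hypothetical helper: exact match of the normalized form against a word list.
function Test-BasedOnBannedWord {
    param(
        [Parameter(Mandatory)][string]$Password,
        [Parameter(Mandatory)][string[]]$BannedWords
    )
    $normalized = ConvertTo-NormalizedPassword -Password $Password
    $BannedWords -contains $normalized
}

# Constructed sample data: one banned word and the variations named in the text.
$banned = @('lithnet')
foreach ($candidate in 'lithnet2018', 'l1thn3t', 'Lithnet!', 'correct horse') {
    [pscustomobject]@{
        Password   = $candidate
        Normalized = ConvertTo-NormalizedPassword -Password $candidate
        Rejected   = Test-BasedOnBannedWord -Password $candidate -BannedWords $banned
    }
}
```

Because matching happens on the normalized form, a single banned word entry covers its suffixed, capitalized and character-substituted variants, so the word list only needs base words.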