informa
/
Risk
News

Elcomsoft Distrib Recovery

Elcomsoft has added Personal Information Exchange certificate support to Elcomsoft Distributed Password Recovery

NEW YORK -- Elcomsoft, a leader in password recovery, has added Personal Information Exchange certificate support to Elcomsoft Distributed Password Recovery.

The program offers administrators a comprehensive solution for recovering passwords to MS-Office documents when employees forget their passwords, or when they deliberately add passwords to documents in an effort to sabotage their companies.

The latest version can recover passwords from the Personal Information Exchange certificates that are used for digital signatures and encryption, including PKCS #12 files with .PFX and .P12 extensions. More and more, people are using their own certificates to sign executable files and email messages, to encrypt files using Microsoft's Encrypting File System (EFS), or to establish a secure communication with the server. Problems arise when passwords get lost, when the certificates have been saved on absent removable media, or when they have been otherwise removed from the system.

Personal Information Exchange certificates usually contain a public key and, optionally, a private key. The public key is used for encryption and verification of the signature, while the private key is used for decryption and signing. If the password-protected private key is present, it can only be recovered with a brute force attack. Because brute force decryption takes a very long time, Elcomsoft's Distributed Password Recovery product is the ideal solution for recovering these passwords.

Before Distributed Password Recovery, the most effective way to recover a lost password was to put the locked file on the fastest machine in the company, and use brute force to attack the password. Distributed Password Recovery lets you coordinate all of the unused computing power of every computer on your LAN or WAN, and use distributed processing to restore the lost password.

Distributed Password Recovery installs "Agents" onto as many computers on the network as the user desires. Each of these Agents uses brute force to try to recover the lost password. The program ensures that these Agents work together, and combine their computing power to find the lost password. The more computing power available, the faster the recovery speed.

ElcomSoft, Ltd.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5