IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
Reviews

Ophcrack review

In our Ophcrack review, we look at whether the venerable Windows password-cracking tool is still useful today

  • Can crack almost all Windows login passwords
  • Entirely free
  • Hard to use
  • Minimal support and documentation

Ophcrack is a password-cracking tool designed specifically for recovering Microsoft Windows login credentials. Developed by Swiss company Objectif Sécurité, Ophcrack can crack most Windows passwords in a matter of minutes.

The best password managers can help you keep track of all your online passwords, but they’re little help if you’ve forgotten your Windows login. Therefore, Ophcrack and other password recovery tools can be useful for all PC users.

Ophcrack: Plans and pricing

screenshot of Ophcrack's webpage detailing free download

You can download all rainbow tables for Ophcrack for free

Objectif Sécurité

Ophcrack is an open-source project. You can download and use it for free, and all the source code is available online.

Ophcrack deciphers passwords by using rainbow tables, which are like dictionary files. You must separately download at least one of these rainbow tables for Ophcrack to work. Until September 2019, the company charged users to download the largest rainbow tables, able to crack the most complex passwords. Now, these are also available for free.

Ophcrack: Features

Ophcrack's Windows application in use

The Ophcrack Windows application can crack LM or NTLM passwords

Objectif Sécurité

In Windows, local user credentials are stored in LMHash or NTHash password hashes in what is known as the Security Account Manager (SAM). Essentially, hashes are obscured versions of your passwords. If your login password was ‘itproportal’, for example, it would be stored on a Windows Vista machine as ‘7c28442acd0bf217890362f2dcd1b6d2’.

You’ll typically need to use another program such as pwdump8 or samdump2 to extract these password hashes from your Windows installation. After you have the password hashes, you can use Ophcrack to decrypt them, revealing the original passwords. 

You can download a pre-built application version of Ophcrack for Windows, or you can run Ophcrack on Linux or macOS by compiling it from the source code.

Ophcrack being run from a live CD

Ophcrack can also be run from a live CD

Objectif Sécurité

Alternatively, you can download a live CD version of Ophcrack, and burn it to a physical disc or put it on a USB drive. Then, you restart your computer and boot into the Ophcrack CD. This way, Ophcrack can decipher the passwords of a Windows PC you can’t log into at all. 

The live CD process automatically searches your computer’s hard drives for a Windows installation, finds the LM or NTLM password hashes from the SAM, and attempts to decrypt them.

Ophcrack's user interface detailing tables to download

You must download the right set of rainbow tables for the best results

Objectif Sécurité

Ophcrack uses rainbow tables to decrypt passwords. Without going into extensive detail here, rainbow tables are lists of password permutations that the program will run through to find a matching password. A small rainbow table will be fast, but won’t find complex passwords. A large rainbow table will be slower, but more likely to match longer, more complicated passwords.

Ophcrack offers 17 different rainbow tables for various scenarios. If you are attempting to crack a Windows XP password, you will need one of the six LMhash tables. The smallest rainbow table is 380MB in size, and covers all mixed alphanumeric passwords up to 14 characters. If your password contains special characters, you’ll also need another rainbow table that’s 8.7GB in size.

Operating systems from Windows Vista onward use NThash tables for encrypting passwords. Ophcrack has rainbow tables for NThash, which range from a 450MB dictionary-based table to a colossal 2TB table that includes all alphanumeric symbols in mixed case and all special characters.

Ophcrack: Interface and in use

Opchrack's user interface, detailing CPU use control settings

You can put a throttle on Ophcrack’s CPU use so that it doesn’t use 100% of your CPU all the time

Objectif Sécurité

Using Ophcrack requires a certain level of technical knowledge. It’s not a password recovery tool you can send to a friend or family member as a quick fix for them forgetting their details, as it requires at least a little understanding of how Windows passwords work. 

Besides downloading the software and optionally burning it to a live CD, you also need to download the correct rainbow tables for your requirements, and extract them into a folder. Then you need to get access to the password hashes Ophcrack will attempt to decrypt, which often requires downloading and running another program like pwdump8.

The live CD version of Ophcrack attempts to automate much of this process. If the password to be recovered is relatively simple, you should be able to pop in the live CD of Ophcrack and wait a few minutes for it to display the correct password. This doesn’t work when your password is more complex, though, as only a relatively small rainbow table is stored on the live CD.

There are a few other settings you can choose in the preferences menu. The most important choices here allow you to throttle Ophcrack’s use of your CPU and disk drives while it's attempting to crack passwords.

Ophcrack: Support

Ophcrack's help button window

Ophcrack includes a Help button that guides you through the program, but it expects some prior knowledge of cracking tool fundamentals

Objectif Sécurité

Ophcrack has very limited support. You’re expected to learn how to use the software yourself. There is, however, an FAQ page, a how-to document, and an inactive forum to help you.

The how-to document is well written, but it assumes you already know how to use third-party tools like phdump or fgdump to dump the SAM of a Windows system, so you may need to do some additional research.

Alternatives to Ophcrack

Kon-Boot is an alternative to Ophcrack that’s a little easier to use. Instead of recovering the Windows password, it bypasses this altogether so you can gain access to your PC. It’s a commercial product that costs £20.32 for a personal license or £60.96 for a commercial license.

PassFab 4WinKey is another alternative product that lets you reset your Windows password. Again, it’s easier to use than Ophcrack, if all you want to do is access a Windows computer you don’t know the password for. However, it’s a paid product, starting at £16.21.

Ophcrack: Final verdict

Ophcrack has long been one of the most popular Windows login-cracking tools, and for good reason. Its rainbow table approach means you can use it to crack simple passwords exceedingly quickly, or complex passwords over several hours.

It’s not a simple tool to get started with, as you’ll need to perform some additional steps to get it working. But once you’ve got a handle on how it works, it’ll remain a useful tool for any time you need to recover a Microsoft Windows login password.

Featured Resources

2023 Strategic roadmap for data security platform convergence

Capitalise on your data and share it securely using consolidated platforms

Free Download

The 3D trends report

Presenting one of the most exciting frontiers in visual culture

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

Leverage automated APM to accelerate CI/CD and boost application performance

Constant change to meet fast-evolving application functionality

Free Download

Recommended

Digital transformation & risk for dummies
Whitepaper

Digital transformation & risk for dummies

7 Feb 2023
Why technology, cyber and privacy risk management are critical for digital transformation
Whitepaper

Why technology, cyber and privacy risk management are critical for digital transformation

7 Feb 2023
Take control of diverse and rapidly evolving enterprise risks
Whitepaper

Take control of diverse and rapidly evolving enterprise risks

7 Feb 2023
The Forrester Wave™: Third party risk management platforms
Whitepaper

The Forrester Wave™: Third party risk management platforms

7 Feb 2023

Most Popular

Warning issued over ransomware attacks targeting VMware ESXi servers globally
cyber attacks

Warning issued over ransomware attacks targeting VMware ESXi servers globally

6 Feb 2023
ION Trading reportedly pays LockBit ransom demands
ransomware

ION Trading reportedly pays LockBit ransom demands

6 Feb 2023
BT Group extends Kyndryl deal to migrate legacy mainframe apps to the cloud
Business strategy

BT Group extends Kyndryl deal to migrate legacy mainframe apps to the cloud

31 Jan 2023