LeakGuard is a project to prevent the use of leaked passwords
LeakGuard has a custom password filter module for Windows (Active Directory) which is loaded in the lsass process, and when a request is made to change or set a password for a user, this module sends the password to the server to check its leaking status. If the password has already been leaked, setting this password will be prevented.
I have always wanted to create a project that checks whether a user's password has already been leaked or not before choosing a password. There are challenges for such a project, including the high volume of leaked passwords and the speed of password searches In this project, elasticsearch is used to search passwords, which has an acceptable speed.
In one of the tests, the amount of time spent searching in 1,440,604 passwords was 3.6251095ms on average.
To start the server, just run the following command in the service folder:
docker-compose upIn the case of the Windows module, you must first compile the project and install it with the install.ps1 script with the following command:
PS C:\> . .\install.ps1
PS C:\> Invoke-LeakGuard -dllpath .\LeakGuard.dll -name LeakGuard -address <IP>:<PORT> -token <TOKEN>
© 2023 xiosec