Overall Satisfaction with John the Ripper
We had to undertake a password auditor project recently, so one of the key performance indicators was to use a password cracker to check the veracity of the passwords. The best-known one was 'John the Ripper' so we went ahead and used it. Its main strength lies in detecting password hashes and running against the very best ones (apart from AES). The password crackers can be run from one location for convenience and this also adds to the effectiveness of the application. 'John the Ripper' mainly relies on incorporating brute force attacks and dictionary table attacks on plaintext passwords and this is where t is more effective.
- Easily finds plantect passwords.
- Simply detects passwords hashes.
- Has a fully bespoke cracker that can be modified to users requirements.
- Excellent for UNIX and Windows usage.
- It needs to be modified to be able to break SHA 256, 512 and the lastest hashes.
- Can be slow and wildly against the lastest hashes.
- Require admin access to set up account.
- Old and is being superseded by better applications.
- Easy of use.
- Speed of operation.
- Supports countless Hashes.
- Runs on numerous Operating Systems.
- Is Open source, so free effectively to use.
- Excellent at auto detecting Hashes.
- Continues to develop.
- Helped us achieve initial Password Auditor goals and targets.
- Simple and cheap to deploy, so have saved greatly compared to paid for products.
'John the Ripper' being open source was free to use, whereas the others had to be paid for. It was very simple to install and runs against many hundreds of hashes and crypts. It is always developing thanks to large communities on GitHub.
Do you think John the Ripper delivers good value for the price?
Yes
Are you happy with John the Ripper's feature set?
Yes
Did John the Ripper live up to sales and marketing promises?
Yes
Did implementation of John the Ripper go as expected?
Yes
Would you buy John the Ripper again?
Yes