A-Z Glossary of Information Security and Social Engineering Terms

Pass the hash

Pass the hash

Many users erroneously believe that hashed passwords stored in their internet browser cannot be used in attacks. In reality, however, attackers can use what are known as “hash dumping tools” which collect hashed passwords from a target (Windows) system. These can then be stored in the Local Authority Subsystem Service, which dupes the Windows system into thinking the attacker is an authenticated user. 

Got a question?

If you would like to make an enquiry about any of our services click the "Contact Us Now" button and fill in your details.