A. Most password auditing programs use a process that works on 32-bit platforms but fails on 64-bit platforms. It fails because of the additional memory protection capabilities of 64-bit OSs, which prevent dumping password hashes from memory.

I'm glad to report that the latest version of Proactive Password Auditor from ElcomSoft works great on a 64-bit OS. Passwords can be dumped on any 64-bit platform. In the example shown here, I'm on a Windows Server 2008 R2 server core read-only domain controller.

Click to expand.

Related Reading:

Check out hundreds more useful Q&As like this in John Savill's FAQ for Windows. Also, watch instructional videos made by John at ITTV.net.