What level of security do windows passwords use?
Horlock
Posts: 1,027 Forumite
in Techie Stuff
Please note - I don't want to know how to crack Windows security at all. I just want some jargon to bandy around with a mixed audience including some techies.
I'm after something like
"Windows 7 uses a 64 bit one-way undisclosed encryption algorithm based on twofish to compare passwords with hidden key files in the boot master segment of the local hard drive"
For those of you who know what you are talking about you will know that the above sentence is nonsense. I just want a single sentence which will be lost on the majority of my audience but will bring a smile to a couple of techies and actually be correct - even though I don't care what it means.
There is no intelligent life out there ... ask any goldfish!
Comments
Windows 7 uses a 64 bit one-way undisclosed encryption algorithm based on twofish to compare passwords with hidden key files in the boot master segment of the local hard drive
:whistle:
How do I add a signature?
"Windows 7 stores user passwords in a SAM file, these are much more secure than the older BILL or TRACEY file formats as it makes better use of newer file systems"
http://en.wikipedia.org/wiki/Security_Accounts_Manager
or you could just say you enjoy being elitist and feel the need to use confusing jargon to make yourself seem smarter?
regards
Dave
They are stored as one-way hashes (unless you select 'Store passwords using reversible encryption').
The hashes are either a LAN Manager (LM) hash, which is crap, or NTLM (which is a little less crappy).
NTLM is a 128 bit MD4 hash.
For LM the password is converted into UPPERCASE and padded out to 14 characters (it doesn't bother using any more than 14 characters). It is then split into 2 sets of 7 characters. Each of those sets is then used as a DES key to encrypt a string. The two results are then stuck back together.
http://en.wikipedia.org/wiki/LM_hash
http://en.wikipedia.org/wiki/NTLM
LM was disabled by default on Vista and newer versions of Windows.
So, my sentence would be:
"Windows 7 uses MD4 to create a one way 128 bit hash, which is stored in a protected area called the Security Accounts Manager (SAM)"
Thanks very much for this. Wonderful stuff.
There is no intelligent life out there ... ask any goldfish!
mr_fishbulb wrote:
"Windows 7 uses MD4 to create a one way 128 bit hash, which is stored in a protected area called the Security Accounts Manager (SAM)"
This could be a bit misleading because, although an optional method (Syskey) was introduced from NT4 onward that encrypts the SAM data, it has only ever been an option. AFAIK (please feel free to correct this) it is still only an option in all subsequent versions of Windows, and an option very few people bother to use, in my experience.
AFAIK, by default the hashes are still stored in plain view in the Registry - which is why tools such as L0phtCrack still work today, on all versions from NT4 up to and including Win7.
In reply to the previous post ("This could be a bit misleading because, although an optional method (Syskey) was introduced from NT4 onward that encrypts the SAM data, it has only ever been an option. AFAIK (please feel free to correct this) it is still only an option in all subsequent versions of Windows, and an option very few people bother to use, in my experience. AFAIK, by default the hashes are still stored in plain view in the Registry - which is why tools such as L0phtCrack still work today, on all versions from NT4 up to and including Win7."):
You're right that they are in plain text in the reg, but it's "protected" in the sense that accounts can't see it (not even admin accounts). However those tools can get to the hashes by using a DLL injection with System account privileges. pwdump2 can actually get hashes when SYSKEY is used.
I didn't say the protection was any good.
There are tools that decrypt Windows passwords instantly; I never really looked into Windows password cracking as it's far too easy to bother. If you want to improve network security use something like a Novell solution. I believe they use dynamic salts and store passwords in a place that non-admin users can't see, like on Macs.
This discussion has been closed.