Security Basics mailing list archives
RE: Cached Password concern
From: "Zachary Mutrux" <zmutrux () compumentor org>
Date: Tue, 2 Dec 2003 09:37:39 -0800
There was a thread on this not long ago, IIRC. The credentials are stored using an irreversible (read: impractical to reverse) one-way hash. If a DC is not available when the user logs in, the credentials that are entered are hashed and compared with the cached hash. If they match the user is logged in.
From what I understand it is not practical to recover the admin password
from cached credentials. There are better ways to crack a system if that's what you're after. If this is in error, please correct me. zm
-----Original Message----- From: sunny budd [mailto:sunnybudd () hotmail com] Sent: Monday, December 01, 2003 2:56 AM To: security-basics () securityfocus com Subject: Cached Password concern Hi all I am working on a laptop users security policy and I have a concern about cached domain user credentials in Windows 2000 SP4 as We use our domain admin password to logon to laptops while they are being built. I would like to recommend against this practice but need some information on how easy it is to extract this stuff from a stolen laptop. I have heard that these passwords are protected by "syskey" and are impossible to extract. Is this true or does anyone know how to get at these passwords? Thanks, S _________________________________________________________________ Find a cheaper internet access deal - choose one to suit you. http://www.msn.co.uk/internetaccess ------------------------------------------------------------------ --------- ------------------------------------------------------------------ ----------
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Cached Password concern sunny budd (Dec 01)
- RE: Cached Password concern Blake Wiedman [Icons] (Dec 01)
- RE: Cached Password concern Sean McMahon (Dec 02)
- RE: Cached Password concern dave kleiman (Dec 01)
- RE: Cached Password concern Zachary Mutrux (Dec 02)
- <Possible follow-ups>
- RE: Cached Password concern sunny budd (Dec 02)
- RE: Cached Password concern Blake Wiedman [Icons] (Dec 01)