Vulnerability Development mailing list archives
WinNT and previously used passwords
From: KF <dotslash () snosoft com>
Date: Fri, 24 May 2002 02:51:42 -0400
Today I got a message when I logged in to my domain about my pass being expired... so as expected I went ahead and typed in a new password. Next thing I know NT (win2k really) is barking at me saying I can not use any of my previous 10 passwords. Aparantly the one I wanted to use today was one I used a while ago. I found it interesting that SOMEWHERE my last 10 passwords are achived in the SAM or registry maybe? So my question is are there any tools similar to l0pht crack in which the last 10 passwords can be extracted from either the registry or the SAM file or where ever they are hiding? If I remember correctly l0pht crack grabs the CURRENT password and trys to crack the hash . I am not aware of it going after the old passwords so forgive me if l0pht crack already does this. I think being able to determine a persons last 10 passwords would help in guessing what they may pick next... people tend to form patterns.
-KF
Current thread:
- WinNT and previously used passwords KF (May 24)
- Re: WinNT and previously used passwords Kit (May 25)
- RE: WinNT and previously used passwords V (May 25)
- MacOS X 10.1.4 MAC Address Spoofing Juan M. Courcoul (May 26)
- Re: MacOS X 10.1.4 MAC Address Spoofing jsyn (May 27)
- MacOS X 10.1.4 MAC Address Spoofing Juan M. Courcoul (May 26)
- RE: WinNT and previously used passwords Jesper M. Johansson (May 25)
- Re: WinNT and previously used passwords Kevin Finisterre (May 25)
- Re: WinNT and previously used passwords Roland Postle (May 26)
- RE: WinNT and previously used passwords Brett Moore (May 26)
- <Possible follow-ups>
- RE: WinNT and previously used passwords Seymour, Keith (May 28)
- RE: WinNT and previously used passwords Keith T. Morgan (May 28)