Vulnerability Development mailing list archives
RE: WinNT and previously used passwords
From: V <progman () netvision net il>
Date: Sat, 25 May 2002 10:35:16 +0200
This behavior is Password History and defined by the admin in the Password Policies panel on NT/2k machines, stating how many previous password should it remember, whether demand it's complexity, length, and so on. I'm not aware of any tools that extract these, and I have a feeling that it is not possible. In any case, if I had to guess on their whereabouts it would be \WINNT\SYSTEM32\CONFIG (where registry keys are stored, including the current SAM). Its an interesting issue thought. Cheers, - V. -----Original Message----- From: KF [mailto:dotslash () snosoft com] Sent: Friday, May 24, 2002 8:52 AM To: vuln-dev () security-focus com Subject: WinNT and previously used passwords Today I got a message when I logged in to my domain about my pass being expired... so as expected I went ahead and typed in a new password. Next thing I know NT (win2k really) is barking at me saying I can not use any of my previous 10 passwords. Aparantly the one I wanted to use today was one I used a while ago. I found it interesting that SOMEWHERE my last 10 passwords are achived in the SAM or registry maybe? So my question is are there any tools similar to l0pht crack in which the last 10 passwords can be extracted from either the registry or the SAM file or where ever they are hiding? If I remember correctly l0pht crack grabs the CURRENT password and trys to crack the hash . I am not aware of it going after the old passwords so forgive me if l0pht crack already does this. I think being able to determine a persons last 10 passwords would help in guessing what they may pick next... people tend to form patterns. -KF
Current thread:
- WinNT and previously used passwords KF (May 24)
- Re: WinNT and previously used passwords Kit (May 25)
- RE: WinNT and previously used passwords V (May 25)
- MacOS X 10.1.4 MAC Address Spoofing Juan M. Courcoul (May 26)
- Re: MacOS X 10.1.4 MAC Address Spoofing jsyn (May 27)
- MacOS X 10.1.4 MAC Address Spoofing Juan M. Courcoul (May 26)
- RE: WinNT and previously used passwords Jesper M. Johansson (May 25)
- Re: WinNT and previously used passwords Kevin Finisterre (May 25)
- Re: WinNT and previously used passwords Roland Postle (May 26)
- RE: WinNT and previously used passwords Brett Moore (May 26)
- <Possible follow-ups>
- RE: WinNT and previously used passwords Seymour, Keith (May 28)
- RE: WinNT and previously used passwords Keith T. Morgan (May 28)