August 26th, 2005, 03:11 AM
Password History Cracking?
Everyone always suggests that people enforce some sort of password history on their computer. My question is, where do the old passwords get stored? I've googled for the answer on and off for the last couple of months and searched the forums, but I can't find the answer anywhere. If the old passwords aren't stored anywhere, then the whole process is pretty pointless. Can anyone else shed some light?
August 26th, 2005, 03:28 AM
I can't give you the technical details, but here are two utilites to start digging with.
Protected Storage Passview
For All-9x/All-NT. It will show you a startling amount of information that you probably didn’t even know existed, including all autocomplete information stored by IE — and it lets you delete each item selectively! You can also migrate your passwords to a different computer. Freeware by Nir Sofer.
For 2K/XP. This one is scary! But, besides its usefulness in finding password you thought unrecoverable, it also emphasizes that physical security is still the most important level of all security! This has a couple of functions to help manage Windows Product Activation, listing of remote access passwords, as well as many other passwords not limited to what IE retains. Also has a “strong password” random generator. By Korban.
August 26th, 2005, 10:22 PM
Unfortunately, neither of these could find the passwords from the password history of Windows I'm not running a domain or any remote authentication at home, so I know it has to be somewhere on my computer.
August 26th, 2005, 10:53 PM
Hey wyred old chap,
I may be talking total crap here, but I vaguely remember from my NT4.0 days that you needed a network set up? Sure, the system would check that you had used a different password from the last 10 (?) or whatever, but you needed that network, and the records were server side, as I recall.
OK smart guys, please shoot me down, it was not my area in those days anyway