RE: Where are Windows "Enforce password history" passwords stored?
Wil.Allsopp_at_ins.com
Date: 08/30/05
- Previous message: nightstorm_at_hushmail.com: "P2P Tools and Shared Directory Tools"
- Maybe in reply to: Charles Gillman: "Where are Windows "Enforce password history" passwords stored?"
- Next in thread: Steve A: "RE: Where are Windows "Enforce password history" passwords stored?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 30 Aug 2005 21:59:03 +0100 To: <pen-test@securityfocus.com>
James Leighe [jamesleighe@gmail.com] wrote:
>It's stored as a hash, so if you find out how to access them, you
>would have to crack it. So basically, it's not worth the time when an
>attacker could just go for the current password.
This shows a fundamental misunderstanding of security as well as the way
hackers think. There are many advantages for an attacker to have your
previous passwords - passwords are reused and some may be current on
peripheral or entirely separate systems.
Wil
- Previous message: nightstorm_at_hushmail.com: "P2P Tools and Shared Directory Tools"
- Maybe in reply to: Charles Gillman: "Where are Windows "Enforce password history" passwords stored?"
- Next in thread: Steve A: "RE: Where are Windows "Enforce password history" passwords stored?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
