Re: Encrypting Logon Passwords

From: Larry Williams (LarryWilliams_at_discussions.microsoft.com)
Date: 09/07/05


Date: Wed, 7 Sep 2005 05:46:06 -0700

The LSA method isn't recommended
(http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmgmt/security/lsastoreprivatedata.asp)
besides I cannot figure out how to reference it from within VB .Net. I keep
getting an error (tells me it's an invalid assembly) when I try to set up a
reference to Advapi32.dll. Do you know how?

Local System or anyone with a "Full Control" permission can access the
information. Are you saying that there is no way to access this
programmatically? DotNet help seems to indicate that this is not the case.

Okay, how do I "Encode" it?

"AutoLogonCount" will decrement every time the autologon is performed. When
it reaches 0 the DefaultPassword is automatically removed from the registry.

If you have a better way to log on automatically but hide the password
securely then please let me know.

 

"Dominick Baier [DevelopMentor]" wrote:

> Hello Larry,
>
> they are using something called a LSA Secret, only LOCAL SYSTEM has access
> to this API - and btw. it is not encrypted, it is only encoded. Grab a tool
> like LSADump, which shows you the decoded values.
>
> That said - I don't think that's the way to go...what does the AutoLogonCount
> value mean?
>
> ---------------------------------------
> Dominick Baier - DevelopMentor
> http://www.leastprivilege.com
>
> > I've got a few posts that are all related but I've gotten a little
> > farther and figured I should make a new post.
> >
> > I am writing a VB dotNet program that has to restart the PC halfway
> > through. In order to ensure it restarts with the same userid and
> > password I have to set up the following registry entries:
> >
> > HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
> >
> > DefaultUserName "your_username"
> > DefaultPassword "your_password"
> > AutoAdminLogon "1"
> > AutoLogonCount "1"
> >
> > The only problem is this stores the password in text format and
> > unencrypted.
> > Therefore I've been looking at ways to encrypt and save the password and
> > have the system use it.
> >
> > I noticed that TweakUI (Microsoft PowerTool) does this when you set up
> > the AutoLogon. It assigns all of the keys identified above except the
> > "DefaultPassword".
> >
> > After using "RegMon" (http://www.sysinternals.com) I've been able to
> > determine that TweakUI is saving the logon password into the following
> > registry location:
> >
> > HKLM/SECURITY/Policy/Secrets/DefaultPassword/
> >
> > and into the following keys:
> >
> > CupdTime
> > CurrVal
> > OldVal
> > OupdTime
> > SecDesc
> >
> > I had to change my Administrator Permissions to access this key in the
> > registry.
> >
> > Now I need to know how to encrypt a password and store it into these
> > keys. I'm looking for code that will encrypt the password. Once I've
> > got that I should be able to set the values into the proper registry
> > values.
> >
> > I'm not totally sure how to set the permissions to allow my program to
> > update the registry permissions for the administrator.
> >
> > If someone could give me a code snippet (or point me in the correct
> > direction where an example exists) that encrypts the password and
> > changes the permissions for the program to assign the value into the
> > registry I would be very appreciative.
> >
> > I'm thinking I need to prefix my main program with:
> >
> > <System.Security.Permissions.RegistryPermissionAttribute(System.Security.Permissions.SecurityAction.Demand, _
> > Unrestricted:=True)> Public Sub Main()
> >
> > For the encryption on the password I think I need to use something
> > like this:
> >
> > Dim PDB As New PasswordDeriveBytes(Password, "")
> > Dim Key() As Byte
> > Key = PDB.CryptDeriveKey("RC2", "SHA", 128, "")
> >
> > What I'm not sure of is which algorithm name (RC2) or hash name (SHA)
> > to use for the logon password. I believe this code isn't correct
> > because it does not provide the same result as what is appearing in
> > the registry now. The CurrVal key appears to be 36 bytes long. The
> > result of this code is a 16-byte field.
> >
>
>
>
>
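
Added example, not part of the original thread: Advapi32.dll is a native DLL, so it is called through `Declare` (P/Invoke) rather than an assembly reference, and the password is handed to `LsaStorePrivateData` under the secret name "DefaultPassword" seen in the thread instead of being written under `CurrVal` by hand. The module and function names (`AutoLogonSecret`, `ToLsaString`, `StoreAutoLogonPassword`) are illustrative, and the caller is assumed to be running as an administrator.

```vb
Imports System
Imports System.ComponentModel
Imports System.Runtime.InteropServices
Module AutoLogonSecret
    <StructLayout(LayoutKind.Sequential)> _
    Private Structure LSA_UNICODE_STRING
        Public Length As UShort          ' bytes, excluding the terminator
        Public MaximumLength As UShort   ' bytes, including the terminator
        Public Buffer As IntPtr
    End Structure
    <StructLayout(LayoutKind.Sequential)> _
    Private Structure LSA_OBJECT_ATTRIBUTES
        Public Length As Integer
        Public RootDirectory As IntPtr
        Public ObjectName As IntPtr
        Public Attributes As Integer
        Public SecurityDescriptor As IntPtr
        Public SecurityQualityOfService As IntPtr
    End Structure
    Private Const POLICY_CREATE_SECRET As Integer = &H20
    ' Native exports are declared here; no project reference to advapi32.dll is needed.
    Private Declare Function LsaOpenPolicy Lib "advapi32.dll" (ByVal sys As IntPtr, ByRef attrs As LSA_OBJECT_ATTRIBUTES, ByVal access As Integer, ByRef policy As IntPtr) As Integer
    Private Declare Function LsaStorePrivateData Lib "advapi32.dll" (ByVal policy As IntPtr, ByRef keyName As LSA_UNICODE_STRING, ByRef data As LSA_UNICODE_STRING) As Integer
    Private Declare Function LsaNtStatusToWinError Lib "advapi32.dll" (ByVal status As Integer) As Integer
    Private Declare Function LsaClose Lib "advapi32.dll" (ByVal policy As IntPtr) As Integer

    Private Function ToLsaString(ByVal s As String) As LSA_UNICODE_STRING
        Dim u As LSA_UNICODE_STRING
        u.Length = CUShort(s.Length * 2)
        u.MaximumLength = CUShort(s.Length * 2 + 2)
        u.Buffer = Marshal.StringToHGlobalUni(s)   ' unmanaged copy, freed by the caller
        Return u
    End Function
    Public Sub StoreAutoLogonPassword(ByVal password As String)   ' run elevated
        Dim attrs As New LSA_OBJECT_ATTRIBUTES()   ' all-zero attributes are what LSA expects
        Dim policy As IntPtr
        Dim status As Integer = LsaOpenPolicy(IntPtr.Zero, attrs, POLICY_CREATE_SECRET, policy)
        If status <> 0 Then Throw New Win32Exception(LsaNtStatusToWinError(status))
        Dim keyName As LSA_UNICODE_STRING = ToLsaString("DefaultPassword")
        Dim data As LSA_UNICODE_STRING = ToLsaString(password)
        Try
            status = LsaStorePrivateData(policy, keyName, data)
            If status <> 0 Then Throw New Win32Exception(LsaNtStatusToWinError(status))
        Finally
            Marshal.ZeroFreeGlobalAllocUnicode(data.Buffer)   ' wipe the password copy before freeing
            Marshal.FreeHGlobal(keyName.Buffer)
            LsaClose(policy)
        End Try
    End Sub
End Module
```

With the secret stored this way, the `DefaultPassword` value under the Winlogon key is left unset, as the thread observes TweakUI doing. As both posters note, the secret can still be read back by Local System or anyone with Full Control over the key.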


