Where and How Microsoft Passwords are Stored
E-commerce demands that security measures are in place to avoid unauthorized access to confidential information. Passwords are important guard against unnecessary intruders into personal online information. In order to prevent hackers from accessing such important information, Microsoft passwords are generated and stored in specific locations that are not easily accessible by the unauthorized persons. All windows-based computers use LAN Manager (LM) and NT LAN Manager (NTLM) for hashing the passwords (Sanders 1). Hashing is the process by which fixed-sized strings are formed through a definite procedure. The procedure involves cryptographic and mathematical encryption functions.
LAN Manager was the initial method used to develop password algorithms by the windows operating systems; however, NTLM has replaced it since the development of the newer windows operating systems like Windows 7 and Windows Vista. LM hashing entails six steps of computing and storing windows passwords. First, the inserted password converts into all uppercase and then followed by addition of other null characters in order to make them 14. The next step involves splitting of the password into two, seven characters each (Sanders 1). The separate values are then used to create DES encryption keys that lead to the separate 64-bit keys. DES keys then utilizes preset strings that result into two 8-byte values that are then combined into 16-byte vales, complete LM hash.
As noted above, NTLM is the recent Microsoft password authentication method. Sanders argue that is a simpler process that entails the use of MD4 algorithm in order to create hash through a number of mathematical processes (1). MD4 helps in converting the Unicode into NT hash. It is also used because it offers better security because it allows for longer password lengths, and is case sensitive, unlike DES used in LM hashing.
How to reset windows password using ISO by burn into flash
Windows passwords can be either forgotten or lost. In case this happens, the best way out is to reset the password through a number of steps (Bright 1). The use of ISO by a flash drive is the best option as it ensures that all contents are retrieved. The first step involves creation of a bootable USB flash drive, a process that requires downloading and saving of PCunlocker and then extracting ISO image from it. The USB flash drive is then inserted into the computer, followed by downloading and installation of ISO2Disk utility (Bright 1). The program is then launched and then burning of the ISO image into the USB is done.
The second major step requires that BIOS settings be changed. This is done by booting the locked computer and checking the set-up key the computer is powered on. Select BOOT tab and set Boot Device Priority to Removable Device. Save the changes by pressing F10. The last step is the actual resetting of Microsoft password. The created USB flash drive is inserted and the computer is rebooted. After a successful rebooting from the flash drive, the computer loads the WinPE operating system and then starts the PCUnlocker after sometime (Bright 2). Select SAM registry and the program will list all Windows user accounts. At this point, one is required to select any user account that requires resetting. Click Reset Password button and then, it will show blank. Once all necessary changes have been made, restart the computer to reboot it. If one leaves the password blank, logging in should be possible by a blank password. This process works well with Window 7 operating systems.
Bright, Peter. “Making the lives of IT easier: Windows 8 Refresh, Reset, and Windows To
Go”. Ars Technica. Condé Nast, September 19, 2011. Web. February 25, 2014. < http://arstechnica.com/information-technology/2011/09/making-the-lives-of-it-easier-windows-8-refresh-reset-and-windows-to-go/>
Sanders, Chris. How I Cracked your Windows Password (Part 1), windowsecurity.com, January
- 2010. Web. February 25, 2014. <http://www.windowsecurity.com/articlestutorials/authentication_and_encryption/How-Cracked-Windows-Password-Part1.html>