Password algorithms

  • Thread starter Thread starter Oliver Beckerlegge
  • Start date Start date
O

Oliver Beckerlegge

What password hashing algorithms are available in XP, and
how do you select/change them? I have been directed to HP
ProtectTools Authentication Services, but it does not load
properly and HP have refused support because it is not
loaded on an HP machine. Does XP really use MD4?
 
In Windows XP, the hashed values for passwords are encrypted
using the Syskey, and then stored in the SAM (Security Accounts Manager)
database.

Ref: http://www.microsoft.com/technet/prodtechnol/winxppro/evaluate/mblsecxp.mspx

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect Your PC!
http://www.microsoft.com/athome/security/protect/default.aspx

----------------------------------------------------------------------------------

:

| What password hashing algorithms are available in XP, and
| how do you select/change them? I have been directed to HP
| ProtectTools Authentication Services, but it does not load
| properly and HP have refused support because it is not
| loaded on an HP machine. Does XP really use MD4?
 
Thanks for your reply, which seems to confirm some of the
information I received from Microsoft.

I am trying to clarify some information I need for
security calculations for a defence contract, regarding
the algorithms used for hashing the passwords. Microsoft
told me that MD4 was used, but I thought that was replaced
by MD5. The information you have given me in
http://www.ietf.org/rfc/rfc2433.txt suggests that it is
still in use with XP and W2K3.

I was also pointed at HP ProtectTools Authentication
Services to check and change the algorithm used, but it
does not load properly and HP have refused support because
it is not loaded on an HP machine. Are there any other
algorithms (e.g., SHA-1, 3DES, AES etc.) that are possible
with XP, and if so how does one reconfigure the system to
use them?

Kind regards,

Oliver Beckerlegge
 
Back
Top