Punters' password hints are easily extracted from the latest Microsoft Windows machines, security researchers have discovered.
TrustWave SpiderLabs uncovered a key called "UserPasswordHint" during wider research into how the Redmond operating system stores password hashes. Subsequent studies showed it was easy to extract and decode password hints from the registry on both Windows 7 and Windows 8 machines. The value stored is obscured with the addition of zeros but not encrypted.
More here - http://www.theregister.co.uk/2012/08/23/password_hint/
info@byteguys.co.uk
www.byteguys.co.uk
No comments:
Post a Comment