From: Rich Graves <llurch@networking.stanford.edu>
To: Laszlo Vecsey <master@internexus.net>
Message Hash: ba154d21222a57c2ccc3401e667472b43f3f848a1a89f6f3890139b73d60bd7f
Message ID: <Pine.ULT.3.91.951201175232.2911G-100000@Networking.Stanford.EDU>
Reply To: <Pine.LNX.3.91.951201201911.32274A-100000@micro.internexus.net>
UTC Datetime: 1995-12-02 02:43:45 UTC
Raw Date: Sat, 2 Dec 1995 10:43:45 +0800
From: Rich Graves <llurch@networking.stanford.edu>
Date: Sat, 2 Dec 1995 10:43:45 +0800
To: Laszlo Vecsey <master@internexus.net>
Subject: Re: Windows95 "Security"
In-Reply-To: <Pine.LNX.3.91.951201201911.32274A-100000@micro.internexus.net>
Message-ID: <Pine.ULT.3.91.951201175232.2911G-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain
On Fri, 1 Dec 1995, Laszlo Vecsey wrote:
> Where is the password data file kept?
A separate password file is kept for each "user" in:
C:\WINDOWS\*.PWL
.PWL files are weakly encrypted with the "default login" password. Once
you decrypt them, they contain cleartext passwords for every other
password-protected resource accessed by that user (network servers,
screen savers, dial-up networking, possibly .PWL-enabled encryption
utilities).
Somebody supposedly posted code for decrypting .PWL files to sci.crypt.
.PWL files are persistent, i.e., Joe "logs on," saves a couple passwords,
"logs off," then Judy comes by, hits Escape or various other trivial
tricks to avoid the need to "log on," picks up Joe's .PWL file, and
cracks it at her leisure.
Each "user" also gets an unencrypted "profile" that gives all application
preferences.
Anyone who treats Win95 as if it were a multiuser system is an idiot.
-rich
Return to December 1995
Return to “Rich Graves <llurch@networking.stanford.edu>”