1995-12-09 - NT v. Win95 Passwords (was Re: Windows .PWL cracker implemented as a Word Basic virus)

Header Data

From: Rich Graves <llurch@networking.stanford.edu>
To: cypherpunks@toad.com
Message Hash: d24f1cb7b4b9104c1864af7ad2f9925f782f71f619a19afd563f05eae1d24b1e
Message ID: <Pine.ULT.3.91.951208220127.28627P@Networking.Stanford.EDU>
Reply To: <199512090547.FAA21624@pop01.ny.us.ibm.net>
UTC Datetime: 1995-12-09 06:15:44 UTC
Raw Date: Fri, 8 Dec 95 22:15:44 PST

Raw message

From: Rich Graves <llurch@networking.stanford.edu>
Date: Fri, 8 Dec 95 22:15:44 PST
To: cypherpunks@toad.com
Subject: NT v. Win95 Passwords (was Re: Windows .PWL cracker implemented as a Word Basic virus)
In-Reply-To: <199512090547.FAA21624@pop01.ny.us.ibm.net>
Message-ID: <Pine.ULT.3.91.951208220127.28627P@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, 9 Dec 1995, Dan Bailey wrote:

> On Fri, 8 Dec 1995 19:51:55 -0800 you wrote:
> 
> >
> >Also, does NT use the same algorithm for saving network passwords?
> >
> No, but they're doing something that makes me very uncomfortable:  As
> I read this, they're hashing the password and some other user
> information using MD4 then doing some proprietary permutations on
> that.  Given their record with security, I'd rather they used straight
> MD4, rather than throwing in something that we can't analyze.
> 						Dan Bailey
> 
> >From the Microsoft Knowledge Base article Q102716

That would be http://www.microsoft.com/kb/bussys/winnt/q102716.htm. Seems
reasonable to me. It's good enough for NT to get the guvment's imprimatur
for the guvment's own use. 

Does anyone have any technical information on the problem referred to in
http://www.microsoft.com/KB/PEROPSYS/windows/Q131675.htm (below)? It says 
"The password encryption method used by Windows NT is different from
the method used by Windows 95," and offers some curious workarounds.
Microsoft has not been very cooperative. 

In other news (just to combine four subjects in one message), in our
meeting with Microsoft today on DHCP issues (that's in the gopher archive;
finger me), a Highly Placed Source said that Microsoft would release the
details on the new Win95 .PWL encryption Soon, and that a release
candidate is in internal beta testing now, but that there would be no
outside testing prior to the public release. 

Q131675

SYMPTOMS

You may not be able to connect to a shared folder on a Windows 95 computer
from a Microsoft Windows NT workstation.


CAUSE

The password encryption method used by Windows NT is different from
the method used by Windows 95.


RESOLUTION

You may be able to work around this problem by using one of the following
methods:

 - Use all uppercase or all lowercase characters in the Windows 95
   shared folder password.

 - Remove password protection from the shared folder.

 - Use user-level access control instead of share-level access control.


STATUS

Microsoft is researching this problem and will post new information
here in the Microsoft Knowledge Base as it becomes available.





Thread