
Does XP Pro encryption really do much?

Page 2 - AnandTech forums
Well my Windows password is typed by me frequently, like every time I boot up my system, or every time I lock my system and come back, etc., so I'm simply not going to make it 20 characters long with letters, numbers, and symbols. It needs to be quick and easy to type and I'm not really worried about the physical security of my system.

With that said, it's pretty obvious then that using EFS is not the right choice for me, since not only is the base key my Windows password, but it could possibly be found unencrypted in various places on my system. So using something like TrueCrypt is probably the right way to go. But when the files get backed up to my external hard drive, where no programs are installed at all, what happens then? Are they still encrypted? But yeah in that case I'd probably use a 20 character key with letters, numbers, and symbols.

Also, an additional question - my passwords for websites and such are usually like 10 characters long or so with letters, numbers, and symbols, so according to that equation from Wikipedia that provides about 65-bit entropy. Is this good? I mean it's not like I could make it much better than that anyway, many sites limit password length to anywhere from 8-12 characters. But should I increase the ones I can to 12-16 characters? I'm guessing that's not really necessary.
 
Most worthy sites limit brute-force attempts to x number of failed login attempts, so it's pretty safe there unless someone REALLY wants to get in.

As for your windows password...just remember a simple phrase. I mean, what's a few extra seconds logging in? It's as trivial as the people who are concerned with how fast their bootup is.
 
if you use syskey mode 2 mentioned earlier, you could have a very strong password at startup, and a weaker password on your account that is easier to type in every time
 
"Ophcrack is an open source (GPL license) program that cracks Windows LM hashes using rainbow tables. It can crack 99.9% of alphanumeric passwords of up to 14 characters in usually a few seconds, and at most a few minutes."
Thanks for proving my point about the table size. A LM hash is only going to be 7 characters long, even if the password is greater than 7 and less than or equal to 14. There is no good reason to keep LM hashes enabled on any system you want to secure. If an app requires LM hashes, it should be avoided at all costs.

The real concern is the weakness of the encryption, it is easily exploited (it will last minutes at best). The password was mixed upper, lower case and numerical. I forgot to put the numerical down there.
This has nothing to do with the weakness of the encryption. The encryption is still 256-bit AES, and you aren't breaking that. This has to do with the weakness of your password, which is why I have said many times now, EFS is only as strong as your password.

If you have a strong password or passphrase and take some simple steps to protect the hashes (or avoid having hashes locally in the first place) EFS is impossible to crack in anything approaching a reasonable amount of time.
 
The weakness is how Windows encryption works. And you can exploit it by breaking down the password into smaller chunks to crack.
Wow. Having a crappy password is not a "weakness" in the encryption. That would be like calling the ability to disable a firewall a weakness. If you turn off the firewall and you get owned, that's as a result of your stupidity, not some inherent flaw. Likewise, if you have a weak password and/or leave LM hashes enabled and your encrypted files get decrypted, that's due to user incompetence, not a weakness in EFS.

There is plenty of guidance out there on how to securely use EFS. You still haven't shown me how you would crack EFS on a system that was set up using the best practices that I have laid out here. Please tell me how you would crack a complex password (8+ chars) on a system where LM hashes are disabled (as they are on Vista by default). Please tell me how you would decrypt files encrypted by a domain user account? Please tell me how you would decrypt files encrypted by a local user on a laptop that is using full volume encryption or SYSKEY=2.

All you have demonstrated to me is that you can crack a weak password.
 
Nice edit.

My point still stands. You have demonstrated how to crack a weak password, and nothing more. There is tons of documentation out there on how to create strong passwords on Windows. Without a weak password, you aren't going to get access to anything, even with all of those "EFS cracker" tools out there, since every single one of them requires that it be able to find the password of the account that encrypted the files.
 
Originally posted by: net
lol, just go read http://elliottback.com/wp/archives/2006...ords-with-ophcrack-and-rainbow-tables/ I'm tired of explaining it.

here is a quick tidbit from the above source: "Passwords longer than 7 characters are broken up into 7-character chunks, made uppercase, and then hashed with DES."

Holy ****** dude.

I know how LM works. Everyone knows how LM works, and how much it sucks. Which is why everyone DISABLES it.

If I have a system with a 15+ char password, it is impossible to split the password into chunks, and your rainbow table is worthless. Similarly, if I have a 8 or 9 char password on a system where LM hashes are disabled, you can't split it into smaller chunks and your rainbow table is worthless, unless you have a 8 or 9 character rainbow table (unlikely).

 
lol, not smart.

Here is a Dummies guide.

1. Gain access to the computer. How can I do this? Ophcrack.
2. Run http://www.crackpassword.com/products/prs/mswin/efs/ Wow! This can crack AES? No it finds the key.

I don't know how I can be more clear. Here I will try. We are not talking about cracking AES, they haven't found a way to exploit it yet (as far as I know, maybe some German has). We have commented on how the Windows logon password can be exploited. We have talked about how Windows stores the AES keys in an insecure manner. We have talked about how you obtain (as in find the key, not crack the key. It retrieves the key.) those keys.
 
Oh to be more clear let me add...

There are measures that can be taken that will safeguard you from ophcrack, as has been mentioned by me and others many times. Even yourself.
 
Here is a Dummies guide
How apropos.

You clearly don't understand what the hell you're talking about. Ophcrack's rainbow tables will only work with passwords that are 7 characters or less. If you had bothered to post the entire sentence above, you might begin to grasp this concept. Let's try again:

As you know, passwords are stored in windows in a weak hash form, the first kind of which is called the LM (Lan Manager) Hash. Passwords longer than 7 characters are broken up into 7-character chunks, made uppercase, and then hashed with DES
This is correct on XP and earlier. If you have a password that is 14 characters or less, it will be stored as a LM hash, which splits the password into two 7 character strings and hashes both strings.

The part you are not getting is that if you have a password that is longer than 14 characters, the password is automatically NOT stored as a LM hash. LM hash can only support a password length of up to 14 characters. Anything higher, and your password is stored as a NT hash. NT hashed passwords ARE NOT split in half. So if you have a password greater than 14 characters, you will end up with a single hash of 15 characters or more. Unless Ophcrack has a rainbow table for passwords of 15+ characters, the ONLY way to crack this password is with brute force. A rainbow table for 15 character passwords would take an extremely long time to create and would be enormous.

The other side of the coin is if you disable LM hashes on your system. This is the default setting on Vista. Now, say you have an 8 character password. On XP, this password would be split into two 7 character chunks, with the second chunk containing only one character from the password and padding for the rest. On Vista or a system with LM disabled, it will NOT be split, and you will have a hash of an 8 character string. A hash of an 8 character string is exponentially harder to crack, and it takes much longer to generate 8 character rainbow tables than 7 character rainbow tables. So, if you don't have an 8 character rainbow table, your only option is to bruteforce this password.

So in your case, I'm assuming you are using XP with the default settings (LM enabled). Your 9 character password is split into two 7 character chunks, with the second chunk having two chars and some padding. This means Ophcrack will only need to look up a 7 character hash and a two character hash in its table. If you had disabled LM, it would have to look up a 9 character hash, which it most likely doesn't have a table for.

So if you take the very simple steps of having a password of 15 or more characters OR disabling LM hashes, you will have a password that is orders of magnitude harder to crack.
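The LM split described in the post above, together with the 10-character entropy figure from the first post, as an added example that is not code from the thread: a small Python script that models only the LM pre-hash step (uppercase, NUL-pad to 14 bytes, split into two 7-byte halves; the DES step is left out because the weakness lies entirely in that pre-processing) and compares the attacker's search space against the hash Windows actually stores. The alphabet sizes and sample passwords are constructed for illustration, and the non-ASCII handling is a simplification of the OEM code page conversion Windows performs.

```python
"""Added example (not from the thread): why an LM hash makes an 8-14 character
password only as strong as two separate 7-character passwords, and why a 15+
character password or disabling LM storage removes that weakness.

Only the pre-hash step of LM (uppercase, NUL-pad to 14 bytes, split into two
7-byte halves) is modelled; the DES step is left out because the weakness is
entirely in this pre-processing. Alphabet sizes are illustrative assumptions."""
import math
import string

LM_MAX_LEN = 14   # LM cannot store a password longer than this
LM_HALF = 7       # each half is hashed independently

# Constructed alphabets used for the work-factor estimates.
ALPHABETS = {
    "lower": string.ascii_lowercase,                                          # 26
    "alnum": string.ascii_letters + string.digits,                            # 62
    "alnum+symbols": string.ascii_letters + string.digits + string.punctuation,  # 94
}


def lm_halves(password: str):
    """Return the two 7-byte halves LM would feed to DES, or None when Windows
    stores no LM hash at all (password longer than 14 characters).

    Windows uppercases the password and NUL-pads it to 14 bytes; a 9-character
    password therefore yields one full half and one 2-character half. Non-ASCII
    characters are replaced with '?' here (assumed simplification of the OEM
    code page conversion Windows actually does).
    """
    if len(password) > LM_MAX_LEN:
        return None
    padded = password.upper().encode("ascii", "replace").ljust(LM_MAX_LEN, b"\x00")
    return padded[:LM_HALF], padded[LM_HALF:]


def entropy_bits(length: int, alphabet) -> float:
    """The Wikipedia estimate quoted in the thread: bits = length * log2(alphabet size)."""
    return length * math.log2(len(alphabet))


def search_space_bits(password: str, alphabet, lm_enabled: bool = True) -> float:
    """Bits of work a table lookup or brute-force search needs against the hash
    Windows actually stores.

    NT hash: whole password, case preserved.
    LM hash: each non-empty half searched separately over the case-folded alphabet,
    so the total work is the sum of two small searches, dominated by the 7-char half.
    An all-NUL half hashes to a fixed constant (AAD3B435B51404EE) and costs nothing.
    """
    halves = lm_halves(password) if lm_enabled else None
    if halves is None:
        return entropy_bits(len(password), alphabet)
    folded = len(set(alphabet.upper()))   # LM uppercases, so case adds nothing
    candidates = 0
    for half in halves:
        used = len(half.rstrip(b"\x00"))  # characters actually present in this half
        if used:
            candidates += folded ** used
    return math.log2(candidates)


def audit(password: str, alphabet, lm_enabled: bool = True) -> dict:
    """Summarise how the stored hash changes the attacker's work for one password."""
    halves = lm_halves(password) if lm_enabled else None
    return {
        "lm_hash_stored": halves is not None,
        "lm_halves": halves,
        "work_bits_as_stored": round(search_space_bits(password, alphabet, lm_enabled), 1),
        "work_bits_nt_hash": round(entropy_bits(len(password), alphabet), 1),
    }


if __name__ == "__main__":
    alnum = ALPHABETS["alnum"]
    # The 14-character example from the thread, a constructed 9-character one,
    # and a constructed 15-character one that gets no LM hash at all.
    for pw in ("h3lOa23Bn432ls", "Abc123xyz", "correctHorse123"):
        for lm in (True, False):
            print(f"{pw!r:20} LM {'on ' if lm else 'off'} -> {audit(pw, alnum, lm)}")
    # The first post's 10-character password over letters, digits and symbols.
    print("10 chars, 94 symbols:", round(entropy_bits(10, ALPHABETS["alnum+symbols"]), 1), "bits")
```

Running it shows the point the post makes in numbers: the 9-character alphanumeric password costs about 36 bits of work while an LM hash exists (one 7-character case-folded half dominates) but about 54 bits once only the NT hash is stored, and the 15-character password yields no LM hash to attack at all. On XP the LM hash stops being written after the next password change once the `NoLMHash` DWORD under `HKLM\SYSTEM\CurrentControlSet\Control\Lsa` is set to 1, or the equivalent policy "Network security: Do not store LAN Manager hash value on next password change" is enabled.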
 
Ophcrack's rainbow tables will only work with passwords that are 7 characters or less.
no they crack passwords that are 14 or less. As I said I used it to crack my 9 alphanumeric password.
 
ophcrack is fast using rainbow tables because of how it can break a large password into small chunks.

for instance if your password is 14 alphanumeric..... h3lOa23Bn432ls It will break up the password into two chunks h3lOa23 and Bn432ls and crack them separately. This is why it is so fast. Good encryption shouldn't allow this.

seriously go download ophcrack, burn it to a cd. Change your password to 14 alphanumeric, restart and boot from the ophcrack cd and watch for yourself.
 
Originally posted by: net
ophcrack is fast using rainbow tables because of how it can break a large password into small chunks.

for instance if your password is 14 alphanumeric..... h3lOa23Bn432ls It will break up the password into two chunks h3lOa23 and Bn432ls and crack them separately. This is why it is so fast. Good encryption shouldn't allow this.

seriously go download ophcrack, burn it to a cd. Change your password to 14 alphanumeric, restart and boot from the ophcrack cd and watch for yourself.

So Ophcrack is useless if the password is over 14 characters?
 
Maybe I'm wrong (and I'm downloading the Ophcrack LiveCD to check) but the NTLM Table does not appear to be able to crack very complex passwords.

Alphanumeric (U/L case) and symbols for six chars or less?
Alphanumeric (U/L case) for seven chars or less?
Alphanumeric (L case) for over eight chars?

Doesn't seem very useful to me. I'd be surprised at a knowledgeable person not using at least an eight character password with all of the above nowadays.
 
i think it's only two because of how LM works but I would have to read up on it more. If a password is longer than 7 characters it will be broken up into 7 character chunks, changed to uppercase and hashed using DES. You could picture it as an 8~14 character password being split into two passwords. Ophcrack cracks the first password then works on the second password. It does it really fast. I enjoyed watching it crack my password. It was surprising and enlightening.
 
if you want to crack 14 characters of the following 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&' ()*+,-./:;<=>?@[\]^_`{|}~ (including the space character)

check out http://ophcrack.sourceforge.net/tables.php

what i know is that the 9 alphanumeric password i cracked was accomplished by running ophcrack 1.1.4 as default. It did everything automatically.

 
You clearly don't understand what the hell you're talking about. Ophcrack's rainbow tables will only work with passwords that are 7 characters or less. If you had bothered to post the entire sentence above, you might begin to grasp this concept. -stash
from this it appears you are saying ophcrack rainbow tables will only work with passwords that are 7 characters or less.

We need a stash cracking program to decipher what he is saying!
 
Originally posted by: Alone
Is there a reason why Ophcrack couldn't cut a large password into three, rather than just two?
Ophcrack doesn't split anything, as I have been trying with no success to explain to net.

LM takes any password greater than 7 chars and less than or equal to 14 chars and splits it into two 7 character strings, which are each then hashed. That is what Ophcrack is working on: two separate 7 character passwords.

In the case of the 9 character password, you will have one 7 character string and one two character string with the remaining five characters padded out. This makes it really easy for Ophcrack to lookup in the table, since it now only needs to lookup the hash for a 7 character string and the hash for a two character string.

Again, if you disabled LM hashes, your password would not be split and Ophcrack would be unable to look it up in a hash table, unless its hash table included hashes for strings longer than 7 characters.

None of this is relevant whatsoever to encryption. If you have a weak password, it's not a vulnerability in the encryption, regardless of whatever FUD and ignorant tripe net spews.
 