Does XP Pro encryption really do much?

[Net]

lol, you really need to read my posts.

stash: I have been trying with no success to explain to net.
...... That is what Ophcrack is working on: two separate 7 character passwords.

net: If a password is longer then 7 characters it will be broken up into 7 character chunks changed to uppercase and hashed using DES....... Ophcrack cracks the first password then works on the second password.

I still like the "even if it were true" -stash... when I said i used ophcrack to crack my 9 alphanumeric password in 2 minutes.

 

[stash]

check out http://ophcrack.sourceforge.net/tables.php

This link just further proves my point about strong passwords. If you disable LM hashes, notice that Ophcrack only has tables for the following NT hashes:

* Passwords with 6 or fewer chars made up of upper and lower alpha, numerals and symbols.
* Passwords with 7 or fewer chars made up of upper and lower alpha only.
* Passwords with 8 or fewer chars made up of lower case alpha only.

So if you have a 7 character with a single upper case letter in it or a single number, Ophcrack can't do anything with it except brute force it.

So for the freaking Nth time, if you disable LM hashes and use a complex password of at least 8 characters, it will need to be brute forced, which will take a non-trivial amount of time.

 

[Alone]

I think Stash is saying that's Ophcrack isn't the one doing the splitting, but LM is. Then Ophcrack already takes the split password and works on that.

 

[Net]

ah, that's how this all started. when stash quoted my comment " wouldn't trust your windows logon password with those keys. Thanks to raindbow tables (look up ophcrack) you can crack a windows password in seconds~minutes. My logon password is 9 digits upper and lower case. It cracked it in 2 minutes. "

and replied with this: That seems unlikely, because tables > 8 characters are rare. Even if it were true a nine character alpha-only password with mixed case isn't really that strong of a password to begin with.


So what where you trying to disprove from my comment?

 

[stash]

when I said i used ophcrack to crack my 9 alphanumeric password in 2 minutes

No ******...I explained why about 3 times now.

Try disabling LMhashes and let me know if it cracks it. In gpedit: computer configuration, windows settings, security settings, local policies, security options, network security: do not store LAN manager hash value on next password change. Set to enable, change your password to a different 9 character password and try to crack it.

 

[Net]

oh course it won't. who ever said it would? i've been talking about LM hashes.

 

[stash]

Originally posted by: net
oh course it won't. who ever said it would? i've been talking about LM hashes.

And my point is that nobody with a clue would ever use LM hashes on a Windows system if they cared at all about securing their machine.

All of our best practices say to disable it, we disabled it in Vista. You come in here trying to say that LM is a EFS vulnerability, which is pure crap.

 

[Net]

if the archcommus knew the best practices this post won't be created.

 

[Net]

And I never said LM was a vulnerability to EFS.

I never even said EFS had a vulnerability.

The vulnerability is how windows stores the keys. You can recover them easily if you have access to the machine. I've talked about 1 way you can gain access.

 

[Net]

and by keys I mean the EFS keys.

 

[Nothinman]

oh course it won't. who ever said it would? i've been talking about LM hashes.

And you just seem to be talking in circles, if you would stop and actually read the posts here it would have been obvious what stash was saying like 2 dozen posts ago.

 

[stash]

Originally posted by: net
if the archcommus knew the best practices this post won't be created.

Which is why I listed them about five times in this thread. You're the one who keeps bringing LM back up.

I'm done with this thread.

 

[Net]

hmm... i keep having to explain how I could do what I said I could do, ever since the first page when you quoted me and said "even if it were true" and "that seems unlikely". you can say it is likely now 😉

 

[Nothinman]

hmm... i keep having to explain how I could do what I said I could do, ever since the first page when you quoted me and said "even if it were true" and "that seems unlikely". you can say it is likely now

No, you don't have to keep explaining anything because you're the one that's confused. We all know that LM hashes are insecure so constantly bring them up doesn't help anyone.