I have recently been taught about hashing in A-Level Computing and wondered if I could write a program to hash passwords using the same algorithm as Windows 10.
The reason I want to use the same algorithm as used to store passwords in Windows 10 is because I would like to compare the hashed value I generate to the value stored by Windows.
What hashing algorithm does Windows 10 use to store passwords?
The user passwords are stored in a hashed format in a registry hive, either as an LM hash or as an NTLM hash. This file can be found at %SystemRoot%\System32\config\SAM; it is mounted at HKLM\SAM, and SYSTEM privileges are required to view it.
It has four variants—SHA-224, SHA-256, SHA-384, and SHA-512—which are named according to the number of bits in their outputs. Of these, SHA-256, SHA-384, and SHA-512 are implemented in the Microsoft AES Cryptographic Provider. This algorithm is used for SSL3 client authentication.
To protect passwords, experts suggest using a strong and slow hashing algorithm like Argon2 or Bcrypt, combined with salt (or even better, with salt and pepper). (Basically, avoid faster algorithms for this usage.) To verify file signatures and certificates, SHA-256 is among your best hashing algorithm choices.
Windows uses the NTLM hash; during boot time, the SAM file hashes are decrypted using SYSKEY, and the hashes are loaded into the registry, which is then used for authentication purposes.
The NT hash is simply a hash. The password is hashed by using the MD4 algorithm and stored.
NTLM [..] uses RC4 for encryption. Deriving a key from a password is as specified in RFC1320 and [FIPS46-2].
This appears to still be the case in Windows 10, although it's now stored completely differently (in an isolated virtual machine for protecting passwords).
This reasoning also backs up the idea that the hash algorithm won't have changed, but it's not a certainty.
NB: this applies to a standalone computer. If the computer is joined to an Active Directory domain, the domain controllers use an AES-based system for password hashing.